Establishing Digital Trust: Don't Sacrifice Security for Convenience
In response to a Freedom of Information request, the UK's Islington Council mistakenly provided the Web site WhatDoTheyKnow with 2,376 residents' personal information, including name, address, relationship status, ethnicity, and sexual preference.
"A spreadsheet containing the information was sent to the website WhatDoTheyKnow which published it online, but the spreadsheet also contained tabs with the names, marital status and addresses of 2,400 residents," writes SC Magazine's Dan Raywood. "This data was online for two weeks before the council was notified of the error. According to a statement by WhatDoTheyKnow owner mySociety, in one file the personal data was contained within a normal spreadsheet, while in the two other workbooks the personal data was contained on four hidden sheets."
"This follows a further information leak by the authority in April, when individuals facing ejection from an estate were provided with the names and phone numbers of the 51 residents that had lodged complaints against them," writes LocalGov.co.uk's Thomas Bridge.
"An Islington Council spokeswoman said it has launched an immediate investigation and has informed the Information Commissioner who is already probing April's data breach," The Telegraph reports. "The spokeswoman said: 'We're already working to improve the protection of information within the council and we will now be intensifying our efforts to ensure all staff receive appropriate training.'"