Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.
Of all people to accidentally publish personal details, you wouldn’t have thought it’d be an independent watchdog…
Following news reports form the BBC, the expenses watchdog has been left red-faced and has issued an apology for their disastrous error where approximately 3,000 MPs’ employees and their salaries were mistakenly published.
The Independent Parliamentary Standards Authority (IPSA) was created by Parliament in 2009 to independently oversee and regulate MPs’ business costs and expenses, and in this instance, they have found themselves at the centre of a scandal themselves.
Through their apology, the IPSA noted what private information was published:
The IPSA confirmed that no addresses, bank account details, national insurance numbers, or phone numbers were published. However, they acknowledged that the personal information disclosed was extremely personal.
ISPA’s CEO, Marcial Boo, tried to reassure the employees involved that none of the information would put their security in jeopardy. But how can he make such an assurance?
Following the error, the IPSA launched an inquiry in order to get to the bottom of the matter. They believe that “extremely sensitive” information stored on 3 files was publicly available for approximately 4 hours.
The IPSA was notified of the breach by a Conservative MP, Karl McCartney, and the information was taken down within an hour. As the information was publicly accessible for 4 hours, it could have been circulated to thousands or millions of people. The initial findings of the inquiry found that it was mistakenly uploaded onto an old version of its website, which will be archived.
Mr McCartney is, understandably, highly embarrassed by the incident and posted his opinion on Twitter that whoever posted the files online, “really needs some IT training before their next job”. We’re with you there, Mr McCartney. Not only is it embarrassing for an independent public authority, but it also disregards data protection rights and principles afforded under the Data Protection Act.
As with most data breach cases, the Information Commissioner’s Office (ICO) has been notified to provide their comments and findings on whether they believe a breach of the law has occurred. It’s quite clear to there is a data breach of the employees’ personal data in or view, as their information was published without their knowledge or consent. Though the ICO’s findings aren’t legally binding, they can be useful, and fines can be issued for punishment.
The bottom line is that sensitive data was disclosed to the public, and that amounts to a data breach, given that consent wasn’t given. Labour MP Chris Bryant notes the distress is may cause to those involved:
“…staff will be more worried than anyone else because they’ve done nothing to bring themselves into the public domain in this way.”
EasyJet admits data of nine million hacked
British Airways data breach: How to claim up to £6,000 compensation
Are you owed £5,000 for the Virgin Media data breach?
Virgin Media faces £4.5 BILLION in compensation payouts
BA customers given final deadline to claim compensation for data breach
Shoppers slam Morrisons after loyalty points stolen
Half a million customers can sue BA over huge data breach
Lawyers accuse BA of 'swerving responsibility' for data breach
The biggest data breaches of 2020
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.