Probe after Newcastle Citizens Advice Bureau makes clients' details available on the internet (From The Northern Echo)
For details on how to contact our editorial and commercial departments, click here
Probe after Newcastle Citizens Advice Bureau makes clients' details available on the internet
4:43pm Wednesday 18th September 2013 in News
A HUGE quantity of personal information has been inadvertently released by the Citizens Advice Bureau (CAB) about its clients.
Sensitive data such as names, addresses, debt history and criminal records logged at the Newcastle CAB branch were accidentally made available for anyone to see on the internet.
The mistake saw more than 1,300 files published, which included staff log-in details to the CAB main website.
Letters assuring clients that any advice given was strictly confidential were also part of the accidental online disclosure.
As a result, the Information Commissioners Office (ICO) have confirmed they are now looking into the incident and the possible data protection breach.
Shona Alexander, chief executive of Newcastle CAB, insisted that despite the leak, people could still talk to them in total confidence.
She also said they were taking urgent action to contact anyone that had been affected by the incident.
This isolated incident at Newcastle CAB is being thoroughly investigated, she said.
Id like to reassure people that, because we take data protection extremely seriously, they can speak to us in total confidence - all Newcastle CAB staff and volunteers are fully trained in Information Assurance.
The Information Commissioners Office are aware of this incident and we are working with them, as well as the Senior Information Risk Owner at Citizens Advice, taking urgent action to contact anyone who may have been affected by this incident and fully resolving any issues.
An ICO spokesperson said: We have recently been made aware of a possible data breach which may involve the Newcastle Citizens Advice Bureau.
We will be making inquiries into the circumstances of the alleged breach of the Data Protection Act before deciding what action, if any, needs to be taken.
Comments are closed on this article.