Southend Council suffers data breach

Southend Council could face a huge fine after referring itself to the Information Commissioner’s Office (ICO) following a data breach in May.

The breach saw a spreadsheet containing anonymised job role and structure data for one department uploaded online in response to a freedom of information request on May 17, reports the Southend Echo.

Initially, the council believed the FOI only contained anonymised information for one department, but actually it contained “personal and special category” data of all council staff and leavers as of March 31, according to the report.

The breach included names, addresses and national insurance numbers and involves data of 1,854 permanent, fixed term and casual staff and 276 former staff.

A total of 169 agency, office holders and canvassers, along with councillors and co-opted members elected as of March 31 were also involved.

Tony Cox, Conservative leader of the the already cash-strapped council said: “We have immediately begun an investigation to understand how this happened and I sincerely apologise to those affected on behalf of the organisation.

“It is important to stress that this information did not contain bank details and was not obvious or visible without interrogation of the spreadsheet.

“However, this information included details such as national insurance numbers, pension scheme details, salary, names and addresses and equal opportunities data where provided.”

The breach also includes a less extensive list relating to elected councillors as of March 31.

The council has begun investigating how the happened, undertaking an initial assessment to understand the potential risk to staff and whether the data could be used in a harmful way. It is also providing advice and support to all staff affected and stopping the use of Excel spreadsheets in its FOI responses.