Data protection breach

(21 Posts)
devuskums Tue 11-Oct-16 19:12:47

A company has emailed my contact details including name and age of my child, our home address and email details, and also the dates of our next holiday to an unspecified number of other people who entered a competition. They have emailed me all the details of 12 other people. I contacted them to point this breach out and they have basically downplayed it, saying they can't confirm how many people now have all my details and that they are very sorry. I am now really worried in case I will be burgled while on holiday and also worried about identity theft and the like. AIBU or would other people be appalled at this? I don't really know what to do now but I feel like I should do something!

WyldFyre Tue 11-Oct-16 19:19:48

If they are shrugging off a genuine complaint the. Get the information commissioner involved

insancerre Tue 11-Oct-16 19:21:52

That's awful
There must be someone to complain to

redisthenewblack Tue 11-Oct-16 19:22:04

shock that is unbelievably shocking!

Can you please name the company so I can avoid them likr the plague?!

Eglantyne Tue 11-Oct-16 19:22:26

Hi, you need to get in touch with the Information Commission (ico.org.UK) urgently, who can advise you. Email and phone numbers on the website. The company is in deep shit, especially as there's a child protection issue too.

redisthenewblack Tue 11-Oct-16 19:22:27

like

MrsHathaway Tue 11-Oct-16 19:24:06

Make a complaint to the information commissioner. It's a long form but not complicated, and they take it very seriously.

Someone very senior should be dealing with your complaint. Are you still dealing with first line support?

WatchingFromTheWings Tue 11-Oct-16 19:24:15

Wow, that's not on. I'd seriously consider changing the holiday and demanding they reimburse you any expenses incurred. I couldn't go on holiday knowing strangers knew exactly when my home would be sitting empty. confused

gallicgirl Tue 11-Oct-16 19:24:53

Make it a formal written complaint and send recorded delivery.

The ICO can be contacted about the breach here: ico.org.uk/concerns/handling/

I know if we breach DPA (local authority) we're obliged to report it to the ICO ourselves.

I certainly wouldn't be happy about this. Is the company who have made the breach, the same company you're going on holiday with? I would probably try to change the dates of my holiday if possible.

ZigZagIntoTheBlue Tue 11-Oct-16 19:28:36

That's awful! I work in the public sector and have recently done an information governance course, they should have to pay a huge fine as a minimum and an urgent review of their procedures. Disciplinary action to the person who sent it too!

devuskums Tue 11-Oct-16 21:57:46

Hi thanks for replies. It is not the travel company but I won't name and shame just yet. I rang their hq and a csr took my details and said someone would call me but they didn't. So I messaged them on FB and the rep said they were aware and had 'resolved the problem'!

gallicgirl Tue 11-Oct-16 22:16:16

Huh?!

Have they somehow managed to remove your details from the memories of the people it was sent to?

It sounds like they are struggling to even understand the problem!

MuffyTheUmpireSlayer Tue 11-Oct-16 22:18:55

That's awful! I would look into rearranging holiday dates as that does leave your home at risk!

harderandharder2breathe Tue 11-Oct-16 22:20:34

Hopefully they mean they resolved the issue that allowed it to happen which is good, but not much use to those already affected!

I work for a large financial company and yes sometimes mistakes happen. As a minimum we would apologise and offer compensation including paying for you to register with an identity protection service. Although we know mistakes will always happen, we do everything possible to minimise the frequency and severity, and to take prompt action when they do happen, as should all companies who handle your data!

BreatheDeep Tue 11-Oct-16 22:20:58

What sort of company is this? Where I work we're heavily regulated and something like this would be a huge breach. A complaint can't be resolved without the complainer being notified of tge resolution either. Have you used the word 'complaint' or similar when talking to them? They might be trying to get away with it being a dissatisfaction instead if not.

devuskums Tue 11-Oct-16 22:30:23

He has basically the issue has been resolved as no more emails were sent after they realised their mistake and that he would personally be contacting the small number, if any people, that are affected!

devuskums Tue 11-Oct-16 22:38:34

Thanks all for your advice, I will be contacting information commissioner in the morning. I have emailed again making it clear that I feel this is a serious complaint thanks Breathedeep

Lovewineandchocs Tue 11-Oct-16 22:39:36

Please complain to the ICO, it's the only way attention gets drawn to these things and action taken.

MinnieMinchkin Tue 11-Oct-16 22:47:43

Interesting info regarding info commissioner. DH just opened his pension statement to find that of another customer folded up within his own. He's posted it off to the other customer with a hand-written note recommending that he makes a complaint, too.

devuskums Tue 11-Oct-16 22:54:20

Blimey thats outrageous MinnieM!

gallicgirl Tue 11-Oct-16 23:01:15

It's easily done. Letters probably go through an enveloping machine and sometimes pick up an extra one. It's not ideal and it's easy to put measures in place to stop it happening.

Join the discussion

Join the discussion

Registering is free, easy, and means you can join in the discussion, get discounts, win prizes and lots more.

Register now