Active discussions

Meet the Other Phone. Only the apps you allow.

Meet the Other Phone.
Only the apps you allow.

Buy now

Please or to access all these features

Talk
AIBU?

Share your dilemmas and get honest opinions from other Mumsnetters.

Original poster

Data protection breach

20 replies

devuskums · 11/10/2016 19:12

A company has emailed my contact details including name and age of my child, our home address and email details, and also the dates of our next holiday to an unspecified number of other people who entered a competition. They have emailed me all the details of 12 other people. I contacted them to point this breach out and they have basically downplayed it, saying they can't confirm how many people now have all my details and that they are very sorry. I am now really worried in case I will be burgled while on holiday and also worried about identity theft and the like. AIBU or would other people be appalled at this? I don't really know what to do now but I feel like I should do something!

OP posts:
WyldFyre · 11/10/2016 19:19

If they are shrugging off a genuine complaint the. Get the information commissioner involved

insancerre · 11/10/2016 19:21

That's awful
There must be someone to complain to

redisthenewblack · 11/10/2016 19:22

Shock that is unbelievably shocking!

Can you please name the company so I can avoid them likr the plague?!

user12785 · 11/10/2016 19:22

Hi, you need to get in touch with the Information Commission (ico.org.UK) urgently, who can advise you. Email and phone numbers on the website. The company is in deep shit, especially as there's a child protection issue too.

redisthenewblack · 11/10/2016 19:22

like

MrsHathaway · 11/10/2016 19:24

Make a complaint to the information commissioner. It's a long form but not complicated, and they take it very seriously.

Someone very senior should be dealing with your complaint. Are you still dealing with first line support?

WatchingFromTheWings · 11/10/2016 19:24

Wow, that's not on. I'd seriously consider changing the holiday and demanding they reimburse you any expenses incurred. I couldn't go on holiday knowing strangers knew exactly when my home would be sitting empty. Confused

gallicgirl · 11/10/2016 19:24

Make it a formal written complaint and send recorded delivery.

The ICO can be contacted about the breach here: ico.org.uk/concerns/handling/

I know if we breach DPA (local authority) we're obliged to report it to the ICO ourselves.

I certainly wouldn't be happy about this. Is the company who have made the breach, the same company you're going on holiday with? I would probably try to change the dates of my holiday if possible.

ZigZagIntoTheBlue · 11/10/2016 19:28

That's awful! I work in the public sector and have recently done an information governance course, they should have to pay a huge fine as a minimum and an urgent review of their procedures. Disciplinary action to the person who sent it too!

Original poster
devuskums · 11/10/2016 21:57

Hi thanks for replies. It is not the travel company but I won't name and shame just yet. I rang their hq and a csr took my details and said someone would call me but they didn't. So I messaged them on FB and the rep said they were aware and had 'resolved the problem'!

OP posts:
gallicgirl · 11/10/2016 22:16

Huh?!

Have they somehow managed to remove your details from the memories of the people it was sent to?

It sounds like they are struggling to even understand the problem!

MuffyTheUmpireSlayer · 11/10/2016 22:18

That's awful! I would look into rearranging holiday dates as that does leave your home at risk!

harderandharder2breathe · 11/10/2016 22:20

Hopefully they mean they resolved the issue that allowed it to happen which is good, but not much use to those already affected!

I work for a large financial company and yes sometimes mistakes happen. As a minimum we would apologise and offer compensation including paying for you to register with an identity protection service. Although we know mistakes will always happen, we do everything possible to minimise the frequency and severity, and to take prompt action when they do happen, as should all companies who handle your data!

BreatheDeep · 11/10/2016 22:20

What sort of company is this? Where I work we're heavily regulated and something like this would be a huge breach. A complaint can't be resolved without the complainer being notified of tge resolution either. Have you used the word 'complaint' or similar when talking to them? They might be trying to get away with it being a dissatisfaction instead if not.

Original poster
devuskums · 11/10/2016 22:30

He has basically the issue has been resolved as no more emails were sent after they realised their mistake and that he would personally be contacting the small number, if any people, that are affected!

OP posts:
Original poster
devuskums · 11/10/2016 22:38

Thanks all for your advice, I will be contacting information commissioner in the morning. I have emailed again making it clear that I feel this is a serious complaint thanks Breathedeep

OP posts:
Lovewineandchocs · 11/10/2016 22:39

Please complain to the ICO, it's the only way attention gets drawn to these things and action taken.

MinnieMinchkin · 11/10/2016 22:47

Interesting info regarding info commissioner. DH just opened his pension statement to find that of another customer folded up within his own. He's posted it off to the other customer with a hand-written note recommending that he makes a complaint, too.

Original poster
devuskums · 11/10/2016 22:54

Blimey thats outrageous MinnieM!

OP posts:
gallicgirl · 11/10/2016 23:01

It's easily done. Letters probably go through an enveloping machine and sometimes pick up an extra one. It's not ideal and it's easy to put measures in place to stop it happening.

New posts on this thread. Refresh page