Active discussions

Meet the Other Phone. A phone that grows with your child.

Meet the Other Phone.
A phone that grows with your child.

Buy now

Please or to access all these features

Talk
AIBU?

Share your dilemmas and get honest opinions from other Mumsnetters.

Original poster

Data breach

7 replies

waitingformyturn · 02/01/2020 17:22

So I received an email today from a mortgage broker we used to buy our current home from around 6 months ago. The email thread contained details of someone else's mortgage application and their credit report was also attached. Their personal email and their partners personal email was visible in the chain too. Obviously this is a blatant data protection breach by the broker. I can't help but feel a bit annoyed this email somehow found it's way to me, concerned about them being careless (as they also hold a lot of info of mine) and annoyed for the person who's data they've just sent out. I know through our solicitor for example all messages were encrypted to avoid this kind of thing happening. I get it's a silly error but Aibu to complain or even inform the person their data has been breached?

OP posts:
JonSlow · 02/01/2020 17:44

Look at their website, look for details of a managing partner or data controller. Report this to them.

SummerWhisper · 02/01/2020 17:55

Report it to the person whose data has been breached. Also to the Information Commissioner's Office. Then let the mortgage broker know.

Hingeandbracket · 02/01/2020 18:10

all messages were encrypted to avoid this kind of thing happening
Encryption doesn't prevent a human error in which you are sent the wrong details.

Goldenbear · 02/01/2020 18:32

It doesn't but it takes it out of the higher risk data breach category.

chomalungma · 02/01/2020 18:40

Guessing it was a different email address breach?

We use an encrypted secure email system - but there could be a breach if it was sent to the wrong person. The receiver would have to actively try to access it - and there are systems in place if the wrong person is emailed to ensure that the email and any attachments can be deleted.

Tell the person that they have done this breach. You don't need to report it - and it depends on the organisation if they need to report it, although there is a lot of sensitive information that has been released.

Emails are great, but it's easy to make mistakes,.

But thinking about it, our secure email system doesn't allow you to store email addresses. You have to actively put it in so that helps reduce breaches.

KnowBetterDoBetter · 02/01/2020 20:08

all messages were encrypted to avoid this kind of thing happening
Encryption doesn't prevent a human error in which you are sent the wrong details.

What does encryption mean in this context? When I receive healthcare related emails (and attachments to diagnoses letters etc.) these attachments are encrypted - I have to enter my date of birth to read them. So surely this would prevent this kind of breach?

Original poster
waitingformyturn · 03/01/2020 09:05

Thanks for replies. Regarding encrypted emailed from solicitors - I may have used the wrong phase but I meant that they came via a secure email so I had to physically enter a system and put in a password to access.

OP posts:
New posts on this thread. Refresh page
Please create an account

To comment on this thread you need to create a Mumsnet account.

Join Mumsnet Log In

This thread is closed and is no longer accepting replies. Click here to start a new thread.

Swipe left for the next trending thread