My data has been breached

[Simbaya]

Respond please.

exactly

If I were you OP I'd put in a FOI request to Mumsnet to ask for the names and email addresses of the people who have your address, if mumsnet wont tell you. And then fight your case if you aren't happy with the result. Good luck

accounts can be found in some places with email addresses

So... You think it's only important not to breach data as long as the person has a common name? What if that person's name is Zebediah Barrington-Smythe? Would it be less acceptable to leak that person's data? In the eyes of the law, Zebediah and Emma are equally protected.

If your car insurance company breached your data, allowing other customers to see data that could identify you, would you say "oh well never mind?"

If someone's email address was [email protected], and she had posted on the property board that she wanted advice on a house she had bought in Stoke on Trent, it wouldn't take a genius to look on Facebook and work out how many Patricia Greens there were in stoke on trent of the right age and identify her. She might have also posted about being abused by her husband, or that she's a rape survivor, or asking for advice on bullying at work, or any number of things that could cause problems if they become known. Mumsnet is supposed to be anonymous which is fine until they have another data breach.

That's why there are such strict laws about data protection. It doesn't matter why someone might misuse data. What is important is that companies like Mumsnet should protect data of individuals so that it can't be misused. It's all very well scoffing at someone who is concerned about their data being breached. But Mumsnet has a legal obligation to make sure that it does not happen and whether someone can work anything out from her email address is entirely irrelevant to the issue.

That level of information wouldn’t be disclosed under an FOI.

Your email address is not your data, it’s just your email address

Wrong. Personal email addresses are personal data and protected by GDPR.

I'm no expert but I believe the request would need to be a SARN under DPA, for one's own personal data? With a side complaint about it being part of wider GDPR breaches?

Then if it's redacted you can ask the ICO to adjudicate on that.

Would we have been emailed had this happened to us as well?

You can't submit an FOI to MN.

No other company has ever breached my data.

Mumsnet is not a public body and therefore not subject to the requirements of the Freedom of Information Act. Even if it were, the chances of the details of the reporters being released to the OP are minimal. That could constitute another breach in itself.

Under GDPR, MN are required to protect my private data. They haven't. Three people with a grudge now have my details.

This is awful simbaya, so sorry

Data breaches are enormously common. There is software that can check for you.

Three people with a grudge

Come on this is just a forum.

OP this sort of thing sends shivers down my spine. I had a similar experience - not Mumsnet related - and it was hugely stressful and worrying. I hope you get some answers soon.

Perhaps for others who haven't had a data breach (yet) this is useful: it's possible to make a Mumsnet account with an email address that you only use for Mumsnet. After the last data breach I did this. I made an account with "[email protected]" type of address so that if there's a data breach again - malicious or human error - my data is worthless to whoever gets it.

The downside is you don't get email updates from Mumsnet and if you report a thread or post you don't see the Mumsnet response unless you specifically log in. But after having my details shared elsewhere online (not related to Mumsnet), I decided for me it was worth it.

You also lose you posting history/usernames because you can't transfer email addresses (and it's possibly that it wouldn't be secure to do that anyway), but that pain is quickly gotten over by posting!

Lol.
A) obviously not your data
and
B) you know what happened to Justine before, right?
and
C) You know about the Mumsnetter whose personal information was requested in a court case brought by someone who took offence at what she said on this "just a forum"?!

"Just a forum". Unless it's your data!

molehill50 ·
In the OP's defence mumsnet have not said they will report themselves to the ICO.

MNHQ said

Our DPO has been informed and on his advice we'll report it the ICO if appropriate

The DPO is mumsnet data protection officer. Mumsnet said they will report to the ICO if the DPO said it needs to be reported.

tribpot
Justine does not say on the other thread that Mumsnet have reported the breach to the ICO, she says Our DPO has been informed and on his advice we'll report it the ICO if appropriate. - key words being 'if appropriate', I think. Have they had the advice back from the DPO yet?

And later Justine said that it would be reported to the ICO today, so a decision was made to report, it just hadn't been done at the point it was posted. I would imagine there was a process to follow to make the report, not just a quick 'we fucked up again' email.

Did you read the other thread that was started I'm sure stuff, which drew mumsnets attention to the fact they were handing out data willy nilly.

The original poster om the ither thread received the name and email address of a poster that reported her and was able to track her down.
Now that poster had no nefarious intentions but with the vile trolls that infiltrate this site that could have been a whole other story. Before getting married nd changing my surname I had an entirely unique which is my email address. On googling myself I am the only person that comes up with that name. I was one of a kind so very easy to trace. I'd be horrified if some activist troll got my name, or even my email address, as like I say my name is unique.

With people who can remove your posts?

It’s not just an email address though is it.

It identifies the op due to the unique name and the 3 people can now link this to their posting history.

I would be furious.

That's rubbish for you, @Simbaya and anyone else affected.
As far as I can tell, my private information hasn't been compromised, but what a shame that other MNers can't see what your problem is. (Having said that maybe they're the ones who come out and snipe on AIBU - who knows.) Either way, many people come on here to post private stuff under the umbrella of anonymity, that supposedly what MN is for. If that anonymity has been breached, it's something that should be addressed immediately.
Come on, @MNHQ, get your act together.

that's

OMG that makes me feel sick. That's awful Simbaya.

People who say it's only a forum, what does it matter, are naive beyond belief!!

I'm off to change my username and email address AGAIN!

Three other users? So four in total?

I am so sorry Simbaya.