Blackpool Council data breach reveals HMO licence holders’ personal details
Hundreds of HMO (House in Multiple Occupation) licence holders have had their personal details exposed online due to an apparent error made by Blackpool Council when responding to a Freedom of Information request.
The error arose following a legitimate Freedom of Information request made in October 2018 by a member of the public, asking Blackpool Council for a list of current HMO licences issued for Blackpool.
In responding to the request, the council provided more information that they should have, including sensitive personal information about the HMO licences holders such as their:
- Dates of births
- Ethnicities
- Personal contact details
This information was published online in November 2018 and was freely available. This was a clear breach of the Data Protection Act 2018 and GDPR.
The Blackpool Gazette have reported that over 400 people's details were revealed in the breach.
The post containing the sensitive information has now been removed, replaced with a disclaimer which reads: “This message has been hidden. Accidental release of sensitive personal information”.
In an email to an HMO licence holder, a Blackpool Council Data Protection Officer said that:
- They admitted the publication of this data was a breach of GDPR
- They would be self-reporting the matter to the Information Commissioner’s Office (ICO) which is the responsible regulatory body for dealing with data breaches
- They formally apologised for the accidental exposure of the HMO licence holder’s personal data
Once the ICO is notified of a data breach, it will investigate and, where appropriate, take action. This may include requiring the organisation responsible for a breach to pay a fine and/or to take steps to improve their processes to avoid the risk of future breaches.
Hayes Connor is currently acting for several clients affected by the Blackpool Council HMO FOI data breach and is ready to advise anyone else who may have been impacted.
Wondering if you may be entitled to compensation for the Blackpool Council HMO licences data breach? Please get in touch.
What to do if you are worried about the Blackpool Council HMO licence holder data breach
If your details were exposed in the Blackpool Council HMO licence holder Freedom of Information data breach, the council should contact you directly.
Worried your details may have been included in the breach and you have not been contacted? You can contact Blackpool Council for more information. You can also check if your email address has been exposed using a website such as haveibeenpwned.com.
If your details may have been exposed, you should be careful to avoid the risk of being the victim of a scam or any type of fraud by people using those details.
Be alert for any emails, phone calls or other communications you receive that could be fraudulent, especially from anyone claiming to represent Blackpool Council. These could be ‘phishing’ attacks aimed at extracting more personal information from you or scams intended to get you to transfer money to the scammers.
Never share any personal information with, or make any payment to, anyone who contacts you unless you are absolutely sure that they are legitimate and there is a valid reason to do so.
There are also various steps you can take to minimise the risks to you if your data may have fallen into the hands of cybercriminals. Take a look at our guide to what to do if your data has been stolen in a data breach to find out more.
If your details were exposed due to mistakes made by Blackpool Council, you will likely be owed compensation and this is something the team at Hayes Connor will be happy to discuss with you.
How Hayes Connor can help you claim compensation for the Blackpool Council HMO FOI data breach
Organisations such as local authorities have a legal duty to protect any personal data they handle. When a mistake is made that leads to that data being exposed, the people affected will likely have grounds for claiming data breach compensation.
Hayes Connor has one of the largest teams of data breach claims specialists in the country, with a wealth of combined experience. We are already representing several victims of the Blackpool Council HMO FOI data breach, so are well placed to provide fast, effective assistance if you have been impacted by this incident.
Our friendly, expert team can advise you on whether you are likely to have grounds for a claim, the level of compensation you may be entitled to and what you need to do to start a claim.
Our goal is to ensure that anyone who is affected by a data breach is able to get the compensation they deserve, while making the claims process as simple and stress-free as possible.
You can find out more about our expertise and how we handle data breach claims here.
To start a claim, you can use our online claim form.
To speak to a member of our team, please do not hesitate to give us a call on 0330 041 5135.