Over 40,000 London Voters Have Data Leaked to Strangers

Written by

Tens of thousands of London residents have had their personal details accidentally leaked by their council after emails were sent to the wrong recipients.

The electoral services department of Wandsworth Council in the south-west of the capital sent out the routine emails to registered voters at the end of last week.

They were intended to clarify changes to electoral ward boundaries ahead of upcoming local elections.

However, 43,000 voters – representing around 13% of local residents – received names, addresses and voting instructions for people other than those in their household.

An initial emailed apology said merely that “there was a problem with the data merge” and that no electoral fraud could result. A follow-up message asked the recipient to delete the erroneously sent email and explained that any of the information accidentally leaked was in any case available on a public electoral register.

“We would like to reassure residents that the information contained in these emails is all publicly available in the borough’s electoral register, which is an open document that can be inspected by any member of the public at any time during the year,” read a statement posted by the council to Twitter.

“The emails did not contain any information beyond what is already in the public domain.”

Judging by the number of concerned residents commenting on the statement, it has done little to allay voters’ fears.

Fleur Anderson, Labour MP for Putney and former Wandsworth Borough council member, told local media that the breach by the Conservative majority council was on “an unprecedented scale” and branded it an “unacceptable” incident.

“It is chilling and very worrying for everyone whose personal details have been shared with strangers. The council does not seem to accept the severity of this as its very weak response to everyone affected shows,” she added.

“They can’t be trusted with our data, and how can we be sure this won’t happen again?”

Early reports suggest the Information Commissioner’s Office (ICO) is not likely to open a formal investigation.

What’s hot on Infosecurity Magazine?