Scottish Borders Council is investigating their email procedures after a data breach affected around 600 customers in the area.
The council have been emailing around 1,300 residents in the Borders to inform them that they are eligible for a payment due to the receipt of free school meals, however, three emails were sent to multiple individuals and all recipient email addresses were visible.
Scottish Borders Council is taking the incident very seriously and have discussed it with the Information Commissioner’s Office and are taking steps to put in place a technical solution to minimise the chances of a similar incident happening again.
They are currently investigating whether there is a solution which can significantly reduce or prevent a high volume of email addresses being included in email ‘To’ or ‘CC’ fields without manager authorisation, as this would minimise the likelihood of a similar incident recurring again.
Whilst a technical solution is explored by the council, manual procedures will be implemented to ensure that all emails sent to multiple recipients are approved by a senior staff member.
Commenting, a spokesperson for Scottish Borders Council said: “We would like to apologise unreservedly to all our customers affected by this data breach and for any distress or embarrassment this has caused.
“Those customers who have received an email which includes others’ email addresses are asked to delete it.
“Individual email addresses were disclosed, this is personal information. The content of the email also outlined that eligibility for the payment was due to the receipt of free school meals, which we absolutely appreciate is a sensitive matter for individuals.”