Home Office admits to Windrush compensation data breach

Immigration Minister Caroline Nokes says “an administrative error” exposed email addresses of vitcims

Windrush scandal protest

The Home Office has admitted to exposing the email addresses of migrants involved in the Windrush compensation scheme and breaching data protection regulations.

Immigration Minister Caroline Nokes released a statement apologising for the data breach which exposed some 500 email addresses, The Guardian reported.

"Regrettably, in promoting the scheme via email to interested parties, an administrative error was made, which has meant data protection requirements have not been met, for which the Home Office apologises unreservedly," said Nokes.

Advertisement - Article continues below

"This occurred in emails sent to some of the individuals and organisations who had registered an interest in being kept informed about the launch of the compensation scheme, which included other recipients' email addresses. Five batches of emails, each with 100 recipients, were affected. No other personal data was included."

An internal review of the incident has been launched and the issue has been referred to the Information Commissioner's Office. The ICO has yet to comment on the news.

Whether the administrative error was technical or down to human error has yet to be revealed, but it would suggest that some of the mechanisms behind government online schemes could do with an overhaul.

The Windrush payment scheme itself is designed to compensate migrants, who came over to the UK from Caribbean countries between 1948 and 1971, for any poor treatment they might have received after changes in immigration law in 2012, which saw those without documentation classified as illegal immigrants.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Public outcry to the manner in which the migrants were treated, despite living in the UK for decades, resulted in the Home Office setting up the compensation scheme.

The subsequent data breach occurred just one week after the compensation scheme was launched.

In July last year, the UK government was forced to apologise after accidentally allowing sensitive documents accessible through a Google search. An investigation revealed that names, phone numbers, email addresses, as well as calendar appointments and the details of those attending, were leaked through a misconfigured board hosted by web collaboration tool Trello.

Featured Resources

Navigating the new normal: A fast guide to remote working

A smooth transition will support operations for years to come

Download now

Putting a spotlight on cyber security

An examination of the current cyber security landscape

Download now

The economics of infrastructure scalability

Find the most cost-effective and least risky way to scale

Download now

IT operations overload hinders digital transformation

Clearing the path towards a modernised system of agreement

Download now
Advertisement

Most Popular

Visit/laptops/29190/how-to-find-ram-speed-size-and-type
Laptops

How to find RAM speed, size and type

24 Jun 2020
Visit/policy-legislation/data-protection/356344/eu-institutions-warned-against-purchasing-any-further
data protection

EU institutions told to avoid Microsoft software after licence spat

3 Jul 2020
Visit/mobile/mobile-phones/356335/the-man-has-ruined-my-huawei-p40
Mobile Phones

The Man has ruined my Huawei P40

3 Jul 2020