Mermaids children's charity apologise for data breach

The transgender support group notified the ICO about accidentally exposing personal emails

Rainbow laptop

A charity that supports transgender children has issued an apology after a data leak led to the publication of personal emails.

Mermaids, which is a UK organisation that provides support and advice to transgender or non-transgender-conforming children, said it took immediate action after being made aware of the issue on Friday.

The data was published online after chief executive, Susie Green, set up a private email group to share information with the charity's trustees, according to The Guardian, but the online platform was publicly accessible.

The details of the leak were first reported in The Sunday Times, which said that more than 1,000 pages of the organisation's internal confidential emails had been accidentally published online. The report also said that the leaked information included "anguished" messages from parents about their children's suffering.

Advertisement
Advertisement - Article continues below

"The correspondence includes names, addresses and telephone numbers," The Sunday Times reported. "The material could be found online simply by typing in Mermaids and its charity number."

But the charity has denied this in a statement and said that the information, which contained internal emails from 2016 and 2017, was only accessible through "certain precise search-terms", adding that it could not be found unless the person searching for the information was already aware that it could be found.

Where The Sunday Times reported "anguished" messages from parents, Mermaids said it was material that mainly consisted of internal information involving "full and frank discussion of matters relevant to Mermaids", which included some information identifying a small number of service users.

Having contacted the ICO, the charity has said it's following the watchdog's guidance and has contacted those affected.

"The overall position is that there was an inadvertent breach, which has been rapidly remedied and promptly reported to the ICO, and there is no evidence that any of this information was retrieved by anybody other than the Sunday Times and those service users contacted by the journalist in pursuit of their story," Mermaids said in a statement.

"Mermaids apologises for the breach. Even though we have acted promptly and thoroughly, we are sorry. At the time of 2016-2017, Mermaids was a smaller but growing organisation. Mermaids now has the internal processes and access to technical support which should mean such breaches cannot now occur."

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now
Advertisement

Most Popular

Visit/operating-systems/microsoft-windows/354297/this-exploit-could-give-users-free-windows-7-updates
Microsoft Windows

This exploit could give users free Windows 7 updates beyond 2020

9 Dec 2019
Visit/business/business-strategy/354304/ex-apple-cpu-architect-accuses-the-firm-of-invading-privacy
Business strategy

Ex-Apple CPU architect accuses the firm of invading privacy

10 Dec 2019
Visit/security/vulnerability/354309/patch-issued-for-critical-windows-bug
vulnerability

Patch issued for critical Windows bug

11 Dec 2019
Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019