Data breach by council’s software contractor led to public release of residents’ details

The information, which included names and people’s council tax balances, was briefly put in a digital public folder in May by the council’s software contractor

Credit: Tech Daily via Unsplash

Waltham Forest Council has said its software contractor Capita briefly exposed private information from residents in May. 

The council says it was notified on Tuesday 16th May that private details belonging to Waltham Forest residents had been briefly put in a digitally accessible public folder which could be viewed from people outside Capita.

In a public statement about the data breach, the council said other councils across the country had also been affected. 

The information included residents names and people’s council tax balances of 1 April 2022, in addition to some data relating to business rates. The council says no bank or payment details were exposed in the data breach. 

The council said: “We are unhappy that Capita has failed in the duty of care we expect of our suppliers and the incident has been referred into the [UK data protection watchdog] Information Commissioner’s Office.” 

This story is published by Waltham Forest Echo, Waltham Forest's free monthly newspaper and free news website. We are a not-for-profit publication, published by a small social enterprise. We have no rich backers and rely on the support of our readers. Donate or become a supporter.

Waltham Forest Council said Capita told them “they have found nothing to suggest” that exposed details have been used illegally and that the risk from the breach is “low”.

A Capita spokesperson told the Echo: “There is currently no evidence that any data has been accessed inappropriately. The data is secure and no longer accessible.”

The council has asked those who believe they may have been affected by the data breach to call 0208 496 3000 and check with them directly.

Meanwhile, last week it was revealed that a Russian hacking group hacked Barts Health NHS Trust, which manages Whipps Cross Hospital. The group is threatening to release seven terabytes of stolen information

The data breach could potentially affect 2.5 million people as the NHS Trust manages St. Bartholomew’s, the Royal London, Mile End, and Newham in addition to Whipps Cross Hospital. A spokesperson for Barts Health NHS Trust told the Echo: “We are aware of claims of a ransomware attack and are urgently investigating.”

Note: This article has been updated to include a comment from Capita

No news is bad news 

Independent news outlets like ours – reporting for the community without rich backers – are under threat of closure, turning British towns into news deserts. 

The audiences they serve know less, understand less, and can do less. 

If our coverage has helped you understand our community a little bit better, please consider supporting us with a monthly, yearly or one-off donation. 

Choose the news. Don’t lose the news.

Monthly direct debit 

Annual direct debit

£5 per month supporters get a digital copy of each month’s paper before anyone else, £10 per month supporters get a digital copy of each month’s paper before anyone else and a print copy posted to them each month.  £50 annual supporters get a digital copy of each month's paper before anyone else.

Donate now with Pay Pal

More information on supporting us monthly or annually 

More Information about donations