Council apologises for free school meals payment data breach

A Scottish local authority has apologised for a data breach after mistakenly sending out ‘sensitive’ information on free school meals claimants to multiple email addresses. 

Scottish Borders council spotted the IT blunder as it tried to contact 1,300 residents to inform them of their eligibility for £75 direct payments covering the cost of meals during lockdown.

It sent out three emails totalling 600 recipients for Covid hardship payments before picking up on an error where it made those email addresses visible to everyone.

A Scottish Borders Council spokesperson said: “We would like to apologise unreservedly to all our customers affected by this data breach and for any distress or embarrassment this has caused.

“Those customers who have received an email which includes others’ email addresses are asked to delete it. All payments will be made as planned to these individuals.

“Individual email addresses were disclosed, this is personal information. The content of the email also outlined that eligibility for the payment was due to the receipt of free school meals, which we absolutely appreciate is a sensitive matter for individuals.

“We are taking the incident very seriously and have discussed it with the Information Commissioner’s Office. We are taking steps to put in place a technical solution to minimise the chances of a similar incident occurring again.”

All those eligible for the payment were to be contacted to confirm their entitlement and payment arrangements before the end of last week.

Scottish Borders Council was praised this week for conducting its business in an “open and transparent manner”, according to an Audit Scotland report.