Cabinet Office works to manage fallout of honours data leak calamity

Written by Jonathan Owen on 6 January 2020 in News

Security advice reportedly offered to those whose details were leaked – which included celebrities such as Ben Stokes and Nadiya Hussain

Credit:  Matt Crossick/PA Wire/PA Images

Government officials are offering security advice and guidance to the victims of the New Year Honours data leak after the Cabinet Office published the addresses of recipients.

It is understood that civil servants from different departments are working across government in a bid to ensure that any potential risks to individuals are minimised.

The private addresses of hundreds of high-profile individuals and senior officials, ranging from Sir Elton John (pictured above) to the Cabinet Office’s own newly knighted permanent secretary John Manzoni, were leaked online when the honours list was first published last Friday.

One of those affected, former cabinet minister Iain Duncan Smith, said: “Ministers need to be asking some very serious questions of those involved about how this was allowed to happen and why no final checks were carried out before the document was published."

The former work and pensions secretary, who was knighted in the latest honours list, dubbed the leak a "complete disaster."

Related content

He added: “Everybody knows virtually everything about me. It's much more concerning for private citizens, like those who have been involved in policing or counter-terrorism or other such sensitive cases, to have their addresses published."

Lord Bob Kerslake, a former head of the civil service, called the leak “a serious and indeed extraordinary breach”, given that details about New Year honours recipients is published annually. 

“This is a well-established process that has gone on in pretty much the same way for years, so I think an urgent investigation is certainly needed.”

While the leak is “likely to be human error” there are questions over how well staff were trained about the importance of maintaining security, he said.

The Cabinet Office is not commenting on the security advice being given to people whose addresses were made public.

In a statement, a Cabinet Office spokesperson said: "A version of the New Year Honours 2020 list was published in error which contained recipients' addresses. The information was removed as soon as possible. We apologise to all those affected and are looking into how this happened.”

They added: "We have reported the matter to the Information Commissioner’s Office and are contacting all those affected directly."

The ICO has begun an investigation into the leak. In a tweet, it said: “In response to reports of a data breach involving the Cabinet Office and the NY Honours list, the ICO will be making enquiries.”

If the government is found to have breached the General Data Protection Regulation, it could face a fine.

Conservative MP Sir Bernard Jenkin, the former chairman of the public administration and constitutional affairs select committee, said yesterday that “the civil service will be agonising over how this happened. There will clearly be an investigation to establish exactly who decided what. They must publish the findings as soon as possible."

He added that it is "far more important to find out how the mistake was made than to find one individual to punish because it is likely that there was miscommunication or a misunderstanding or an innocent oversight rather than gross negligence or even malice.”

This article originally appears on PublicTechnology sister publication Civil Service World


Share this page




Please login to post a comment or register for a free account.

Related Articles

Home secretary admits sending multiple documents to personal email
1 November 2022

Braverman reveals six occasions on which guidelines were breached – but claims no information on law enforcement, security or cyber issues was sent

Tech giants paying ‘significantly more tax’ following HMRC digital services levy
1 December 2022

Tax agency raised £83m more than expected during 2021 fiscal year

Public covid probe seeks data leader to take on ‘critical role for the inquiry’s reputation’
1 December 2022

Post comes with £70,000-plus salary and responsibility for data protection 

EXCL: Cabinet Office alerted to data breach – and fails to respond for 10 days
25 November 2022

Personal details of civil servant and supplier exposed by inadequately redacted document, discovered by PublicTechnology