Officials’ personal info published online by government lawyers in ‘regrettable’ data leak

Written by Tevye Markson on 24 August 2022 in News

Government Legal Department is investigating after names of civil servants were not removed from transparency documents

Credit: Gustavo Ferreira Gustavo/Pixabay

The Government Legal Department has launched an investigation after a data leak in which the names of civil servants claiming expenses was published online.

Documents showing officials' names were published on GOV.UK accidentally and stayed up for a week. The dossier showed credit-card spend at the department of more than £500 between November 2021 and May 2022, which must be published by law for transparency reasons.

The figures included £1,120 spent on a pottery class as part of a team-building day, which 35 officials took part in – a cost of £32 per head. 

It also included the names of civil servants, which should not be revealed under data-protection regulations.

The department said it is “investigating this regrettable incident under data-protection rules and reviewing the process which resulted in the names of some staff members being released accidentally on a public website”.

A spokesperson for GLD, which gives legal advice on policy, said the department would not be "commenting publicly further at this time”.

Related content

Shadow attorney general Emily Thornberry on Sunday criticised the data leak and took aim at the department's use of funds.

She told the Sun: “I don’t know what’s worse, the attorney-general breaching her own data-protection rules by mistake or her civil servants spending their working days painting pottery. Either way, it’s yet more evidence of a zombie government, lurching aimlessly from one calamity to the next.”

A government source told the newspaper the ceramics painting was took up only part of one training day.

In criticising the away day, Thornberry mimicked recent attacks from attorney general Suella Braverman and government efficiency minister Jacob Rees-Mogg on learning and development courses currently offered to civil servants.

Braverman said earlier this month that she has ordered GLD officials to scrap diversity training after finding staff had spent nearly 2,000 hours on courses last year – around 40 minutes per staff member.

The same week, Jacob Rees-Mogg said officials need "focused learning, not woke folderol" such as courses on privilege. 

Thronberry pointed to Braverman's previous comments in a tweet today responding to GLD's announcement it would launch a data breach investigation.

“It seems very odd that Suella Braverman was so furious about her staff doing diversity training but thinks painting pottery instead is just fine," she said.

The GLD error is one of several high-profile data breaches in the last year.

In February, the Department for Levelling Up exposed civil servants' personal data by not properly redacting personal details from a contract document, as revealed by PublicTechnology.

In September 2021, the Ministry of Defence launched an investigation into how the identities of 250 Afghanistan-based interpreters who worked with UK forces were compromised in a group email. This followed a national security incident where a civil servant left MoD documents in a “soggy heap” near a bus stop in Kent.


About the author

Tevye Markson is a reporter at PublicTechnology sister publication Civil Service World, where a version of this story first appeared. He tweets as @TevyeMarkson.

Share this page




Please login to post a comment or register for a free account.

Related Articles

MoJ reprimanded by ICO after ‘bags of confidential documents’ exposed for over two weeks
25 May 2023

Sensitive data was left unsecured in prison holding area, according to data watchdog

Rochford District Council pins data breach on Capita’s ‘unsafe storage’
17 May 2023

Authority claims it is taking ‘swift and decisive action’ in response to incident it claims affected several councils

WhatsApp and private email banned for government use at higher security tiers
13 April 2023

Officials are warned that, if they choose to use non-corporate channels, they must 'be prepared to defend your choices'

TikTok hit with £12.7m fine for unlawful use of children’s data
4 April 2023

ICO investigation finds that video platform failed to prevent more than one million underage users signing up

Related Sponsored Articles

Proactive defence: A new take on cyber security
16 May 2023

The traditional reactive approach to cybersecurity, which involves responding to attacks after they have occurred, is no longer sufficient. Murielle Gonzalez reports on a webinar looking at...