Earlier in 2021, it was revealed that Blackpool Council accidentally breached the data of 428 people. The information included personal information about local landlords. The Blackpool Council data breach happened when the Council responded to a Freedom of Information request asking for a list of local House in Multiple Occupation (HMO) licences.
While the Council was right to respond to the request, it provided more information that it should have. As a result many HMO licence holders had their personal information – including their contact details, dates of birth, and ethnicities – posted online. This is a clear breach of the Data Protection Act (the UK’s interpretation of GDPR).
While this breach was caused by an accidental release of sensitive personal information, rather than a deliberate hack by cybercriminals, for those affected, the impact could be the same. And, because this information was made publicly available and could have fallen into the wrong hands, Blackpool landlords involved in this breach are now at risk of fraud, phishing, and other attacks.
A clear breach of your data protection rights
Blackpool Council admitted that this incident was a breach of GDPR and has reported itself to the Information Commissioner’s Office (ICO) (which it is legally obliged to do).
The council has also informed the 428 individuals concerned. These people are now eligible to make a Blackpool Council data breach claim with Keller Postman UK.
Commenting on the breach, an ICO spokesman said:
”People have the right to expect that their personal information is handled securely by any organisation.
“If anyone is concerned about their personal information they should contact the Council, if they are not satisfied with their response, they can bring their concerns to us.
“Blackpool Council reported a breach to us and we will be assessing the information provided.”
However, while the ICO can investigate data breaches, and fine offending organisations for poor security processes, it does not award compensation to victims. The only way to get financial redress for a data breach is to make a compensation claim.
