Independent Age data breach merits no regulator action

Stephen White reports:

Confidential data of employees at older people’s charity, Independent Age, have been accidentally exposed to a former worker.

The blunder occurred as the company responded to the ex-staff member’s submission of a DSAR (data subject access request).

Independent Age says that the security breach compromised personal data, including bank information, sort codes, account numbers, pension contributions, and wages details of almost all of its 170-strong workforce. Donor and service user data was also caught up in the incident.

Read more on GDPR.Report.

h/t @VERISDB

About the author: Dissent