Lewisham Council leaks data of 156 residents for almost a year
Learn More
Lewisham Council in South London has caused a data leak where personal details of 156 residents who commented on a planning application were publicly available on the council’s website for nearly a year.
This breach occurred when a file containing these details was uploaded to the council's website in March 2023. The issue was only discovered in February of 2024 after a member of the public alerted the council. The breach was addressed by removing the document and notifying the affected individuals. However, the Information Commissioner’s Office (ICO) was not informed.
The exposed information included:
- Names
- Addresses
- Contact details
The cabinet member for finance, explained that the ICO was not notified because the council concluded that the breach did not include 'special category data' (such as details on race, religion, belief, sexual orientation, or health) and that much of the breached data was already in the public domain (e.g., electoral roll).
No details are disclosed about how the incident was caused, whether any procedures were lacking or breached.
