The Home Office has acknowledged its second serious data breach within a few days, with an email mistake releasing the details of 240 EU nationals applying for settled status.
It said that their names and email addresses were inadvertently made visible to others after a failure to paste them into the bcc box of a message it sent.
This comes days after it admitted to a similar error affecting up to 500 people who were interested in the Windrush compensation scheme, and that it had reported itself to the Information Commissioner’s Office.
A Home Office spokesperson said: “In communicating with a small group of applicants, an administrative error was made which meant other applicants’ email addresses could be seen. As soon as the error was identified, we apologised personally to the 240 applicants affected and have improved our systems and procedures to stop this occurring again.”
According to a report by the BBC, the department has now taken steps to improve its systems and procedures.
ICO response
An ICO spokesperson said: “The Home Office have made us aware of an incident in relation to the EU Settlement Scheme and we will assess the information provided.”
The Home Office spokesperson also defended the operation of the EU Settlement Scheme.
“The EU Settlement Scheme is straightforward to use, with applicants only needing to complete three key steps - prove their identity, show that they live in the UK, and declare any criminal convictions. The Scheme, which is free of charge, is performing well and over 400,000 EU citizens have already applied, with over 50,000 applications received on the opening weekend.
“A declaratory system would cause confusion. We cannot have a situation where, in years to come, EU citizens who have built their lives here find themselves struggling to evidence their rights to live and work in the UK.