Email contained health and social care data.
A data breach affecting more than 5,000 individuals' records in Guernsey is being investigated.
An email was accidentally sent out on Thursday 18 April by the Guernsey Corporate Debt Management Team, and contained data relating to Health & Social Care (HSC) liabilities, according to media reports.
The data included information such as patient names, names of parents and guardians if the liability related to a child, the customer’s unique reference number, the document or invoice number, and the issue and due date.
Officials confirmed no medical records or details of procedures were included, and that there was no risk of the breach leading to identity fraud as insufficient data was shared.
Chief resources officer Bethan Haines said: “I know that this incident will cause frustration and distress and I want to unreservedly apologise for the lapse in the security of customer data. We take matters of data security extremely seriously and have taken immediate steps to strengthen our security measures, whilst we continue to investigate the incident to capture the lessons learnt.”
Written by
Dan Raywood
Senior Editor
SC Media UK
Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.
Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.
