Clare County Council Confirms Data Breach Involving Release Of Personal Information Of Former Tenants

Photo (c) Clare County Council

Clare County Council has confirmed a data breach which involved the release of personal information of 72 people, as well as 13 who have passed away.

The local authority says the data was released in error, as part of a response to a Freedom of Information request about vacant Council houses and that those affected are being notified.



Clare County Council says it became aware of the data breach on Thursday last, when contacted by the newspaper journalist who had sought the information.

The personal data, which was released to the Sunday Independent, consists of names and former tenancy addresses, the property acquisition type and the category of reason for ending the tenancy.

In two cases, health data was involved, such as the reason a person was hospitalised.

In a small number of other cases, additional personal data was released, including tenancy notifications that have been issued, a request to be removed from the tenancy, a closing debit on a rent account and the cost of proposed works to the house.

The local authority says it’s been assured that the personal data released is being held securely, will not be shared or published and will be securely destroyed in due course.

Clare County Council is in the process of contacting those affected, who are former tenants at the former addresses released, and the Data Protection Commission was notified of the data breach on the 13th of January.

The Council says it’s established review measures on FOI record releases, to ensure a similar data breach doesn’t happen again.