Improvements have been made to the way documents are published on Ceredigion County Council’s website following a data breach caused by “human error”, councillors have been told.
Ninety-eight exempt documents – some containing personal and sensitive information – were discovered on its website after the council was alerted by the Cambrian News last summer.
Members of the audit committee received a report from corporate lead officer customer contact Arwyn Morris outlining the cause of the breach and what had been done to stop it happening again.
Mr Morris told a council meeting last week that it was “human error” that caused the breach and now there was a “two-step authentication” process to publication, with two people checking any document was not exempt.
Major search engine companies were asked to “flush the cache” and a test was carried out to check the documents did not appear, the committee was told.
Eight documents were found to contain detailed health information Mr Morris said, and were assessed as higher risk.
Four of the people involved had died since the information was recorded in 2004 to 2006, but the other four were written to with an explanation and an apology.
The other information was considered lower risk, such as names and addresses, company names and transactions for the sale of land. But Cllr Hag Harries said that data such as this was not always low risk.
“It’s not readily available if someone is fleeing violence or something like that. It could seem trivial or it could mean loss of life for somebody,” he said.
See this week’s south papers for the full story, available in shops and as a digital edition now






Comments
This article has no comments yet. Be the first to leave a comment.