Sutton Council issued an apology after it "accidentally" released the identities of those who had received benefits.
After disclosing the names of the family, their ages, the address of their home, their needs for a handicap and their mental health difficulties, the ICO penalised them £150,000.
When they learned about the incident, they erased the disputed data right away.
TPRM report: https://scoringcyber.rankiteo.com/company/london-borough-of-sutton
"id": "lon850271022",
"linkid": "london-borough-of-sutton",
"type": "Data Leak",
"date": "07/2017",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'industry': 'Public Administration',
'location': 'Sutton, UK',
'name': 'Sutton Council',
'type': 'Government'}],
'data_breach': {'personally_identifiable_information': ['names',
'ages',
'home addresses'],
'sensitivity_of_data': 'high',
'type_of_data_compromised': ['personal information',
'health information']},
'description': 'Sutton Council accidentally released the identities of '
'individuals who had received benefits, including sensitive '
'personal information.',
'impact': {'brand_reputation_impact': 'issued an apology',
'data_compromised': ['names',
'ages',
'home addresses',
'disability needs',
'mental health difficulties'],
'financial_loss': '£150,000 fine by ICO',
'legal_liabilities': 'fined £150,000 by ICO'},
'regulatory_compliance': {'fines_imposed': '£150,000',
'regulations_violated': 'Data Protection Act'},
'response': {'communication_strategy': 'issued an apology',
'containment_measures': 'erased the disputed data right away'},
'title': 'Sutton Council Data Breach',
'type': 'Data Breach'}