The outsourcing company Serco accidentally shared the email addresses of almost 300 contact tracers recruited to assist in the UK government’s coronavirus “test, track, and trace” strategy.
Serco is among the companies that are recruiting, coaching, and managing contact tracers who do not have clinical training.
The email addresses were shared when Serco was contacting new recruits about training.
The 296 email addresses were exposed when a member of staff at Serco wrote to trainees asking them not to contact the helpdesk if they had questions about training.
TPRM report: https://scoringcyber.rankiteo.com/company/serco
"id": "ser2217291222",
"linkid": "serco",
"type": "Data Leak",
"date": "05/2020",
"severity": "50",
"impact": "1",
"explanation": "Attack without any consequences"{'affected_entities': [{'customers_affected': '296',
'industry': 'Government Services',
'location': 'UK',
'name': 'Serco',
'type': 'Outsourcing Company'}],
'attack_vector': 'Accidental Sharing',
'data_breach': {'number_of_records_exposed': '296',
'type_of_data_compromised': 'Email Addresses'},
'description': 'The outsourcing company Serco accidentally shared the email '
'addresses of almost 300 contact tracers recruited to assist '
"in the UK government’s coronavirus 'test, track, and trace' "
'strategy. Serco is among the companies that are recruiting, '
'coaching, and managing contact tracers who do not have '
'clinical training. The email addresses were shared when Serco '
'was contacting new recruits about training. The 296 email '
'addresses were exposed when a member of staff at Serco wrote '
'to trainees asking them not to contact the helpdesk if they '
'had questions about training.',
'impact': {'data_compromised': 'Email Addresses'},
'title': 'Serco Email Address Leak Incident',
'type': 'Data Leak'}