Data leak put thousands of Utrecht residents' info on streets

The personal data of thousands of Utrecht residents was available for anyone to look at due to a so-called data leak at the municipality of Utrecht earlier this year, the Telegraaf reports based on documents received through the Freedom of Information Act. In total 316 pages of names with corresponding social security numbers were unprotected on the municipality's intranet. It involves a minimum of 5 thousand and a maximum of 140 thousand Utrecht residents. As the data was on the intranet, it is unlikely that anyone outside the municipality's about 4 thousand employees saw the information. According to the municipality, misuse of the data was not detected, but can not be ruled out. The data leak was discovered by an official working at the municipality on March 3rd. The leak was fixed and the Personal Data Authority was informed, though a day after the 72 hour deadline. All affected residents were notified. According to the newspaper, the parts that show which municipal site was involved were blacked out on the documents. The newspaper also revealed that there were a total of nine data leaks at the municipality up until May, two severe enough that the Personal Data Authority was informed. The other severe leak involved a copy of a passport and bank card being sent by email.