A data breach forced this family to move home and change their names

Sometimes a free credit report in recompense is nowhere near enough.

Five million Bulgarians get their data hacked (the country only has 7 million!) Source of the data breach appears to be the country's National Revenue Agency.

Data breaches are a common event in today's society, together with ransomware attacks, information leaks, and state-sponsored campaigns. 

You hear the same thing time after time -- consumers are often the victim, and a successful cyberattack can lead to the compromise and theft of information including names, dates of birth, Social Security numbers, and more. 

However, sometimes, it is crucial that this data does not land in the public domain for the physical safety of those involved. 

In the London Borough of Hackney, a recent case emerged when a data breach had far more devastating consequences than most of us would ever experience. 

See also: UK, EU police pilot scheme to give wayward teen hackers white hats

As reported by the Hackney Gazette, a family in the area adopted a child and the details of who they were and where they lived were meant to be withheld from the birth parents. 

However, during the adoption process in 2016, a solicitor appointed by Hackney Council mistakenly included an unredacted copy of the application form. The publication says that the exposed, sensitive data included the couple's names, addresses, phone numbers, dates of birth, and occupations. 

The scope of the breach was serious enough that the couple spoke to both the council and police, and ultimately decided that moving home and changing their names was the safest option for their adopted child. 

TechRepublic: Email persists as a major avenue for cyberattacks in 2019

Hackney Council acknowledged their mistake and paid out £106,000 ($131,000) in damages, which also helped facilitate the house move. The council apologized to the couple for the "human error."

The UK's Information Commissioner's Office (ICO) was also notified. The data watchdog said that the breach had "potential to cause significant distress and detriment," but no further action was required beyond the council's compensation offer. 

While this data breach was not the result of a malicious attacker, it does highlight that information leaks can have a real impact on the daily lives of normal families. 

CNET: Equifax breach: See if you're eligible, how to file a claim and see how much you'll get

You can have the best perimeter security in its class but if your staff are not trained to check and double-check where the data they guard is going, this will not be the last time we hear of entire lives being uprooted -- to the point where identities have to be changed -- due to a single human error. 

Previous and related coverage


Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0