The council then sent apologetic emails to those affected and informed them of the action to be taken.
The council said: "The results of the investigation showed that a group email address was used on July 23 to send an email to certain individuals. However, instead of using the "BCC" field, the "to" field was used by mistake, which means that the email addresses were made visible to all other recipients. The investigation found that they did not exist personally data in the content of the email itself, but that the personal email addresses were inadvertently shared with other recipients. ”
"As a result of the concerns and the incident, we followed our internal procedure when such incidents occur and took immediate steps to ensure that the danger mitigated as much as possible. ”
"The first mitigation was the attempt to withdraw the message, but it was not successful. We then sent a further email asking recipients to delete the incorrectly sent email and we keep a record of all confirmations where this has been done and will continue with the rest. ”
"Our data protection officer conducted a risk assessment of the breach and discussed the incident with the Office of the Information Commissioner to ensure that appropriate measures were taken to reduce any risk."
The email further states that all team members will be required to complete the mandatory data protection training again if they have not already done so in the last two months.
The incident will also be reported in future group meetings, through staff correspondence and procedures will be reviewed.