ICO reprimand of Post Office over postmaster data breach
Regulatory/Legal Action
Summary
Hide ▲
Show ▼
The ICO issued a reprimand to the Post Office instead of a fine after reviewing a 2024 data breach that exposed the personal details of 502 postmasters. The breach came from an unredacted legal settlement document posted on the company website, making names, home addresses and postmaster status publicly accessible. The regulator said it had considered a penalty of just under £1.1m but did not view the case as “egregious” under its public-sector approach.
Related Happenings
ICO fine against South Staffordshire Water for data breach
Regulatory/Legal Action
First: 12.05.2026 11:30
Last: 12.05.2026 11:30
Sources 1
About this happening:
The **ICO** finalized a **nearly £1m** penalty against **South Staffordshire Water** and **South Staffordshire PLC**, resolving a cyber enforcement action tied to a breach that ex...
ICO fine against South Staffordshire Water for data breach
Regulatory/Legal ActionAbout this happening: The **ICO** finalized a **nearly £1m** penalty against **South Staffordshire Water** and **South Staffordshire PLC**, resolving a cyber enforcement action tied to a breach that ex...
ICO fines Police Scotland over phone data disclosure
Regulatory/Legal Action
First: 12.03.2026 12:30
Last: 12.03.2026 12:30
Sources 1
About this happening:
**The ICO** fined **Police Scotland** **£66,000** and reprimanded the force for a **data protection failure** that exposed a female officer’s phone contents to a colleague she acc...
ICO fines Police Scotland over phone data disclosure
Regulatory/Legal ActionAbout this happening: **The ICO** fined **Police Scotland** **£66,000** and reprimanded the force for a **data protection failure** that exposed a female officer’s phone contents to a colleague she acc...
Post Office postmaster personal data exposure
Data Leak
First: 04.12.2025 11:35
Last: 04.12.2025 11:35
Sources 1
How related:
the names, home addresses and postmaster status of 502 people were made publicly accessible from April 25 to June 19 2024.
About this happening:
The **Post Office** exposed the personal data of **502 postmasters** after publishing an **unredacted settlement document**, creating privacy and identity-theft risk. The leaked i...
Post Office postmaster personal data exposure
Data LeakHow related: the names, home addresses and postmaster status of 502 people were made publicly accessible from April 25 to June 19 2024.
About this happening: The **Post Office** exposed the personal data of **502 postmasters** after publishing an **unredacted settlement document**, creating privacy and identity-theft risk. The leaked i...
ICO £14m penalty against Capita over 2023 breach
Regulatory/Legal Action
First: 15.10.2025 12:00
Last: 15.10.2025 12:00
Sources 1
About this happening:
**Capita** will not appeal a **£14m** penalty imposed by the **ICO** over security failings tied to a **2023 data breach** that affected **nearly seven million people**. The enfor...
ICO £14m penalty against Capita over 2023 breach
Regulatory/Legal ActionAbout this happening: **Capita** will not appeal a **£14m** penalty imposed by the **ICO** over security failings tied to a **2023 data breach** that affected **nearly seven million people**. The enfor...
Renault and Dacia UK customer data leak at third-party provider
Data Leak
First: 03.10.2025 18:52
Last: 03.10.2025 18:52
Sources 1
About this happening:
The **Renault** and **Dacia UK** data leak exposed some customers' personal data after a **third-party provider** was compromised. The exposed records included **full names**, **p...
Renault and Dacia UK customer data leak at third-party provider
Data LeakAbout this happening: The **Renault** and **Dacia UK** data leak exposed some customers' personal data after a **third-party provider** was compromised. The exposed records included **full names**, **p...
Timeline
-
04.12.2025 11:35 2 articles · 5mo ago
ICO reprimands Post Office over postmaster data breach
Legal Policy Action UpdateThe Information Commissioner’s Office said the Post Office received a reprimand rather than a fine after an unredacted legal settlement document on the Post Office corporate website made the names, home addresses and postmaster status of 502 people publicly accessible from April 25 to June 19 2024. The regulator said it had considered a fine of just under £1.1m under its public sector approach, but the infringements did not meet the threshold of “egregious”; the Post Office also offered compensation to impacted people and 24 months of identity protection, removed cached versions from search engines, and created an emergency working group and a documented publication policy.
Show sources
- Post Office Escapes £1m Fine After Postmaster Data Breach — www.infosecurity-magazine.com — 04.12.2025 11:35
- Post Office Escapes £1m Fine After Postmaster Data Breach — www.infosecurity-magazine.com — 04.12.2025 11:35