A data breach involving the personal details of hundreds of Northern Ireland Prison Service employees has been described as “a major embarrassment”.
However, it is not being treated as a major security breach.
A junior employee at the Department of Justice sent a spreadsheet with names and dates of birth of prison officers and civilian staff.
It was mistakenly sent to an outside contractor.
The person who received the information is employed by a company that carries out work for the prison service, and they have been security vetted.
It is understood that the recipient contacted the Department of Justice to make them aware of the mistake, and deleted the information they had been sent.
Prison officers who contacted the BBC after the department informed them about the data breach expressed concern about their personal security. The sources told the BBC that the lives of prison officers and civilian staff had not been put at risk, because the information had been quickly deleted.
In a statement, the Department of Justice confirmed that an incident occurred and said it takes its obligations under data protection legislation very seriously. It added: “A full investigation is under way and the incident has been reported to the Information Commissioner’s Office.”
While the department has played down the significance of the incident, it is clearly not the kind of issue new justice minister Claire Sugden would have wanted to land in her in-tray on her first day in the job.