Brexit data breach: Home Office admits sharing details of hundreds of EU citizens seeking settled status

The Home Office has apologised for committing its second potential data breach of UK residents in a week after accidentally sharing the details of hundreds of EU nationals seeking settled status.

The department has informed 240 applicants it “inadvertently” shared their email addresses with others who had applied under the scheme, in its attempt to establish the reasons behind “technical difficulties” they had been experiencing.

In an email to the EU nationals affected by the latest error, the department said: “We take this opportunity to apologise for any inconvenience caused by this incident. We value your patience and understanding at this time. We would like to reassure you that we are taking this matter very seriously.”

The admission comes just days after the Home Office apologised to members of the Windrush generation again after admitting it wrongly shared 500 private email addresses while launching the compensation scheme.

Shadow home secretary Diane Abbott said: “Under this shambolic government the Tories’ mismanagement of the Home Office stands out as being the most shambolic of all.

“Data breaches are now a matter of routine, while all those who are unfortunate enough to have to deal with the Home Office face a combination of indifference, incompetence and the hostile environment.”

EU citizens who have been affected said they felt they were being treated like “second-class citizens”, while one claimed their data wasn’t safe with the UK government because it “didn’t even know who was in this country”.

Danish national Natasha Jung, who received the email on Wednesday evening, said: “When will the UK wake up and realise that EU citizens are being treated as second-class citizens? We have had zero say in the entire process, despite Brexit affecting us the most.”

Another EU citizen, also Danish, tweeted: “Not only am I not welcome, my own data is not even safe by the government who requested said data because they don’t even know who is in this country!”

Nicolas Hatton, cofounder of campaign group the3million, said: “3.6 million EU citizens are forced to entrust the Home Office with their most sensitive data.

“A data breach within the first week of the settled status launch does raise the question whether the Home Office has the right safeguards in place to keep our data safe.”

The Home Office said in the email it was “taking this matter very seriously” and it would be “addressing the issue with [its] agents”.

A spokesperson said: “In communicating with a small group of applicants, an administrative error was made which meant other applicants’ email addresses could be seen.

“As soon as the error was identified, we apologised personally to the 240 applicants affected and have improved our systems and procedures to stop this occurring again.”

More than 400,000 European Union nationals have so far applied to settle their status under the scheme.