#Privacy: RideLondon discloses data breach

Organisers of Ride London cycling event have apologised over an error resulting in a data breach impacting just under 2,100 people. 

RideLondon, is a popular 100-mile cycling event which takes place in London and Surrey. Due to it being oversubscribed, a ballot system is used in order to select applicants.

However, a mix-up has resulted in the acceptance letters of the successful entrants being labelled and delivered to a different individual. 

Many have taken to Twitter to share their dismay when realising the letter was not for them.

One Twitter user wrote: “Home to an envelope addressed to me….. with someone elses personal successful ballet details inside. Very concerned my personal details are on someone elses doormat. Really hope this is being looked into urgently…”

London & Surrey Cycling Partnership, organisers of RideLondon, chief executive Nick Bitel said that it believed that less than 3% of the total number of people who entered (70,000) have been impacted. 

“We are working with our contractors to establish the full facts but it appears that the issue was caused by an error in the collation of the acceptance letter and the addressed envelope in the final stages of a mailing process which led to the people affected receiving the name, address and date of birth of one other person,” Bitel added.

Bitel said the Information Commissioner’s Office (ICO) has been informed about the incident, however the ICO has said that it has yet to receive a data breach report from London & Surrey Cycling Partnership. 

“We apologise sincerely for this error and will be contacting all the people affected.”

Join our free-to-attend digital event, Last Thursday in Privacy, addressing data protection, privacy and security challenges including working from home, COVID-19, global regulations and more. Visit https://digital.privsec.info/.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.

Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered. https://www.privacyculture.com/