![[Finland] Security Service accidentally emailed out confidential payroll data](http://gpa.net/cdn/shop/articles/bigstock-Computer-Keyboard-With-Securit-3183564_1200x.jpg?v=1708935491)
In 2023 Supo - the Finnish Security and Intelligence Service - accidentally emailed confidential employee data to an external gmail account, Yle reports.
According to Finnish news agency STT, Supo sent the information of all its employees to an external email last year.
The mistakenly sent file reportedly held information - including confidential data - about nearly all of Supo’s 600 employees.
The email error occurred in the summer of 2023 when a Supo employee on a leave of absence requested their own pay slips from Supo's personnel administration. Supo made a service request to the state's HR service centre (the Finnish Government Shared Services Centre for Finance and HR) regarding the matter.
Supo's notice to the Data Protection Ombudsman shows that it only checked one of the attachments from the centre before forwarding it to the employee. The files went through a secure mail service to the employee's personal gmail account.
Later that day the employee reportedly contacted Supo to say that one of the files appeared to contain its entire payroll, including the information of up to 586 workers.
This list reportedly included employees' home addresses, salary information and details related to their recruitment.
Supo stated that the data breach was due to carelessness both at the service centre and Supo. It reportedly assessed the breach to be so minor that there was no need to notify employees of the data breach.
Supo reportedly said that the likelihood of misuse or further dissemination of the data was 'extremely small'.
The Data Protection Ombudsman's office also concluded that the incident did not warrant further action.
Source: Yle
In 2023 Supo - the Finnish Security and Intelligence Service - accidentally emailed confidential employee data to an external gmail account, Yle reports.
According to Finnish news agency STT, Supo sent the information of all its employees to an external email last year.
The mistakenly sent file reportedly held information - including confidential data - about nearly all of Supo’s 600 employees.
The email error occurred in the summer of 2023 when a Supo employee on a leave of absence requested their own pay slips from Supo's personnel administration. Supo made a service request to the state's HR service centre (the Finnish Government Shared Services Centre for Finance and HR) regarding the matter.
Supo's notice to the Data Protection Ombudsman shows that it only checked one of the attachments from the centre before forwarding it to the employee. The files went through a secure mail service to the employee's personal gmail account.
Later that day the employee reportedly contacted Supo to say that one of the files appeared to contain its entire payroll, including the information of up to 586 workers.
This list reportedly included employees' home addresses, salary information and details related to their recruitment.
Supo stated that the data breach was due to carelessness both at the service centre and Supo. It reportedly assessed the breach to be so minor that there was no need to notify employees of the data breach.
Supo reportedly said that the likelihood of misuse or further dissemination of the data was 'extremely small'.
The Data Protection Ombudsman's office also concluded that the incident did not warrant further action.
Source: Yle