The watchdog responsible for MPs’ pay and expenses in the UK is investigating a “serious data breach” after a document containing confidential details about MPs’ staff was wrongly posted online.
The Independent Parliamentary Standards Authority (Ipsa) said the document was uploaded in error on an old website on Thursday night. It included confidential personal information about MPs’ staff names, salaries, rewards, working patterns and holiday entitlements.
In a letter to MPs, Ipsa Chief Executive Marcial Boo said the document was taken down within an hour of them becoming aware of the issue. He said that it was thought to have been accessible online for a period of around four hours.
“We take information security very seriously and the safety and security of MPs and their staff is a priority,” he said. “An investigation is currently under way and we have notified the Information Commissioner. We will be writing directly to all of those affected. “I sincerely apologise to you for the distress this has caused.”
While Mr Boo acknowledged the error represented a “serious data breach”, he said no information relating to the security of the individuals affected was made public.”No addresses, no bank account details, no phone numbers, and no National Insurance numbers were disclosed. However, we recognise that this was still extremely sensitive personal information,” he said.
Ipsa was originally set up in the wake of the 2009 MPs’ expenses scandal so that parliamentarians were no longer responsible for setting their own pay and conditions.
It quickly faced a backlash from some MPs with complaints of late payments and an overly-complicated computer system. It faced further controversy in 2015 when it handed MPs a 10% pay rise – taking their annual salary from £67,000 to £74,000 – at a time of public sector pay restraint.