Data notice: 27 July 2018
This data notice explains details of a data breach experienced by a company we use to run surveys.
By Civil Service LGBT+ Network
On 27th June 2018, a company that we use for surveys – Typeform – had a data breach, which affected some of the surveys we have sent out in the past. Typeform reports that an external attacker managed to get unauthorized access to respondent data and downloaded it.
This breach affects a very small number of people. The good news is that Typeform responded immediately and fixed the source of the breach to prevent any further intrusion.
The surveys that were breached were surveys we used to:
- express interest in attending Newcastle Pride, Glasgow Pride and Manchester Pride in 2015
- gather information about ally networks in 2016
- an anonymous survey we used to gather views on potential People Survey monitoring questions
Typeform were able to provide a copy of the compromised data; though it is difficult to interpret. We are using this to contact individuals who may have been affected by the breach.
In response, we have deleted any archived data from the Typeform service. We are also likely to begin using alternative providers with a better track-record on preventing data breaches of this kind.
If your name and email was downloaded by the attacker, then we recommend that you watch out for potential phishing scams, or spam emails.