A social landlord has admitted a data security breach where private information of almost 1,000 residents’ was released.

A member of staff from the Customer Experience Team at Peaks and Plains Housing Trust accidentally sent a mass email to 994 residents on Wednesday morning, but failed to use the ‘blind carbon copy’ which conceals the identities of the recipients.

The trust has reported itself to the Information Commissioner’s Office (ICO), the regulator wich investigates cases of data misuse and loss, and can impose criminal or civil penalties against those who break the rules.

The breach was reported to the Macclesfield Express by a number of tenants, who slammed the blunder.

One described it as an ‘epic failure’ and demanded an apology.

Councillor Mick Warren, who represents Macclesfield East ward in Cheshire East Council, said the breach was disappointing, adding: “Things like this happen. It’s just fortunate that the data breach doesn’t include sensitive data such as addresses or phone numbers. Peaks and Plains need to put in place training to ensure things like this doesn’t happen again.”

Tim Pinder, chief executive at Peaks and Plains, said the trust has launched an internal investigation.

He said: “We are aware of the unfortunate incident in which a number of customer email addresses were shared with each other and have launched an internal investigation.

“We immediately asked the Information Commissioner’s Office to look into the matter, and have reviewed our own procedures to ensure that this does not happen again.

“Peaks and Plains takes data protection extremely seriously, and would like to apologise to any customers affected.”

The email sent to tenants included a draft of the trusts revised Complaints and Compliments Policy.

The 994 addresses were in alphanumeric order from ‘1’ to ‘N’.

The ICO investigates cases of data misuse and loss, and can impose criminal or civil penalties against those who break the rules.

According to the ICO using the carbon copy function in an email rather than blind carbon copy is one of the most prevalent types of data security incidents.