Supo, the Finnish Security and Intelligence Service, accidentally emailed confidential employee data to an external email, according to Finnish news agency STT.
Last year Supo unwittingly sent the information of all its employees to an external email. The mistakenly sent file contained information about almost all 600 Supo employees, some of which was confidential.
The mishap occurred last summer when a Supo employee on a leave of absence requested their own pay slips from Supo's personnel administration. Supo made a service request to the state's HR service centre (the Finnish Government Shared Services Centre for Finance and HR) regarding the matter.
Supo's notice to the Data Protection Ombudsman reveals that Supo only checked one of the attachments from the centre before forwarding it to the staffer on leave. The files travelled through a secure mail service to the employee's personal gmail account.
That same day the employee informed Supo that one of the files appeared to contain Supo's entire payroll, including the information of up to 586 workers.
Among other things, this list included workers' home addresses, salary information and details related to their recruitment.
Supo said the data breach was due to carelessness both at the service centre and Supo. The national security agency, however, assessed the breach to be so minor that there was no need to inform its employees of the data spill.
According to Supo, the likelihood of misuse or further dissemination of the data was 'extremely small'.
The Data Protection Ombudsman's office also concluded that the incident did not warrant further action.
Users with an Yle ID can leave comments on our news stories. You can create your Yle ID via this link. Our guidelines on commenting and moderation are explained here.