FRESH concerns have been raised about the company in charge of parking permits in the town after a Rugby man was accidentally sent a host of private and confidential information about other residents.
Martin Pope was shocked to find when he received his permit from NSL that his letter contained the private details of five other residents, including their names, addresses, vehicle registration details and login details which allow access to a secure website containing yet more private information.
The residential parking permit service, previously run by Rugby Borough Council on behalf of the county council, was taken over by private company NSL last November.
In December we reported how Rugby man Paul Onyett said he waited two months to receive a permit following the changeover.
Mr Pope, who lives in Bath Street and works for delivery firm Ocado, said: “I couldn’t quite believe it when I opened the letter.
“I’d already had to chase them because I hadn’t received the usual reminder we used to get when the borough council ran the service.
“I filled out a form online and then got a letter through telling me my permit application had been successful and giving me login details to sign on and finish off the process.
“But when I looked behind my letter there were five others which were the same but for other people.
“They contained all of their private information, vehicle details, usernames and passwords.
“This is clearly a really serious data breach and it’s really quite worrying.”
Mr Pope said he was concerned the incident may not be a one off and that his details may have been sent to others.
He said: “It made me wonder if your previous correspondent Mr Onyett was waiting so long because his details were sent to someone else.
“Working for a big company which holds a lot of personal information I know how important it is to have the right mechanisms in place to make sure people’s data is protected. Clearly this is unacceptable.”
NSL spokesperson Belinda Webb-Blofeld said the company was identifying the breach with its permit printers.
She said: “We are very disappointed to learn of five letters intended for other motorists, being sent in error to one recipient.
“We will be in contact with those five motorists to reassure them that the risks pertaining to the information is minimal – where the letters contained the motorist’s parking account PINs, the only action anyone could take would be to pay the named motorist’s permit fees.
“We do take data protection extremely seriously, which is why we have earned accreditation only awarded where it has been shown that an organisation has robust data security measures in place.”
She said the company inherited a backlog of 12,000 permit applications across Warwickshire when it took over the service, which it has since cleared.