Personal details submitted by applicants for a job at Tate art galleries have been leaked online, exposing their addresses, salaries and the phone numbers of their referees, the Guardian has learned.<\/p>\n
The records, running to hundreds of pages, appeared on a website unrelated to the government-sponsored organisation, which operates the Tate Modern and Tate Britain<\/a> galleries in London, Tate St Ives in Cornwall and Tate Liverpool.<\/p>\n The data includes details of applicants\u2019 current employers and education, and relates to the Tate\u2019s hunt for a website developer in October 2023. Information about 111 individuals is included. They are not named but their referees are, sometimes with mobile numbers and personal email addresses. It was not immediately clear how long the data had been circulating online.<\/p>\n Max Kohler, a 29-year-old computer programmer, discovered his data appeared in the leak on Thursday after one of the referees on his application was emailed by a stranger who had seen the data dump online.<\/p>\n Kohler found that it included his last salary, the name of his current employer, and names, emails and addresses of his other referees, as well as lengthy answers he had given to job application questions.<\/p>\n \u201cIt\u2019s very disappointing and disillusioning,\u201d he said. \u201cYou spend time putting in all this sensitive information, salaries from previous jobs, home addresses, and they don\u2019t take care of this information, and have it floating around in public.<\/p>\n \u201cThey should take it down, apologise and there should be a report into how this happened and what they are going to do to ensure it does not happen again. It must be mistrained staff or process error.\u201d<\/p>\n The number of data security incidents reported to the UK\u2019s Information Commissioner\u2019s Office (ICO) continues to rise<\/a>. In 2022 there were just over 2,000 incidents reported per quarter; that has increased to more than 3,200 between April and June this year.<\/p>\n Kate Brimsted, a partner at the law firm Shoosmiths and an expert in data privacy, information law and cyber security, said: \u201cA breach doesn\u2019t have to be deliberate, and while the ransomware attacks get the headlines, the majority of breaches today are through error. It\u2019s just as important to have checks and processes as part of organisations\u2019 day-to-day practices. We are all fallible. It\u2019s really hard work managing your own data. It is difficult and sometimes boring, but is important.\u201d<\/p>\n skip past newsletter promotion<\/a><\/p>\n Our morning email breaks down the key stories of the day, telling you what\u2019s happening and why it matters<\/p>\n Privacy Notice: Newsletters may contain information about charities, online ads, and content funded by outside parties. If you do not have an account, we will create a guest account for you on theguardian.com<\/a> to send you this newsletter. You can complete full registration at any time. For more information about how we use your data see our Privacy Policy<\/a>. We use Google reCaptcha to protect our website and the Google Privacy Policy<\/a> and Terms of Service<\/a> apply.<\/p>\n after newsletter promotion<\/p>\n The ICO, which regulates data protection in the UK, said: \u201cOrganisations must notify the ICO within 72 hours of becoming aware of a personal data breach, unless it does not pose a risk to people\u2019s rights and freedoms. If an organisation decides that a breach doesn\u2019t need to be reported they should keep their own record of it and be able to explain why it wasn\u2019t reported if necessary.\u201d<\/p>\n A spokesperson for Tate said: \u201cWe review all reports thoroughly and are investigating the matter. We have not identified any breach of our systems and wouldn\u2019t comment further while the matter is ongoing.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"Personal details submitted by applicants for a job at Tate art galleries have been leaked online, exposing their…\n","protected":false},"author":2,"featured_media":283279,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[31],"tags":[76,354,355,49,48,356,75],"class_list":{"0":"post-283278","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-arts-and-design","8":"tag-arts","9":"tag-arts-and-design","10":"tag-artsanddesign","11":"tag-ca","12":"tag-canada","13":"tag-design","14":"tag-entertainment"},"_links":{"self":[{"href":"https:\/\/www.newsbeep.com\/ca\/wp-json\/wp\/v2\/posts\/283278","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.newsbeep.com\/ca\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.newsbeep.com\/ca\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/ca\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/ca\/wp-json\/wp\/v2\/comments?post=283278"}],"version-history":[{"count":0,"href":"https:\/\/www.newsbeep.com\/ca\/wp-json\/wp\/v2\/posts\/283278\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/ca\/wp-json\/wp\/v2\/media\/283279"}],"wp:attachment":[{"href":"https:\/\/www.newsbeep.com\/ca\/wp-json\/wp\/v2\/media?parent=283278"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.newsbeep.com\/ca\/wp-json\/wp\/v2\/categories?post=283278"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.newsbeep.com\/ca\/wp-json\/wp\/v2\/tags?post=283278"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}