The Post Office has made interim compensation offers to a number of former subpostmasters affected by a major data breach that was revealed last year.
There is still work to be done on cases, but according to a source, some subpostmasters affected by the breach have been offered interim compensation payments by the Post Office.
The payments are for damages caused by the personal details of members of the Justice for Subpostmasters Alliance (JFSA) campaign group being accidentally published on the Post Office’s website in a document titled Confidential Settlement Deed.
The Post Office would not comment on the interim payments, but a spokesperson said: “We would like to express our sincere apologies to those that were impacted by a human error which saw an unredacted document mistakenly published on Post Office’s website. Once we were made aware of the error, the document was immediately removed. We remain in contact with the Information Commissioner’s Office and the representatives of those who were affected.”
The security breach was first revealed in June 2024, but the data had been exposed for a number of years. It made the personal details of hundreds of former subpostmasters easily available. During a public inquiry hearing in November, it was revealed that this was caused by a botched website upgrade.
Jasvinder Barang, a former subpostmistress and member of the group of affected subpostmasters, said she has not yet heard anything about compensation, “apart from dribs and drabs”.
She questioned the Post Office’s attitude towards the damage the data leak has caused. “I don’t think they’re taking that seriously. We are finding it very, very stressful and very serious, but they don’t seem to think that it’s that serious,” she added.
Barang said the data breach was just another thing on top of all the stress related to the scandal. “I am absolutely stressed. Not knowing who knows where we live and all the rest of it. And of course it’s not just my safety I am worried about, but my family as well.”
During the November public inquiry hearing, Simon Recaldin, who heads up the Post Office’s Horizon scandal financial redress schemes, said: “The link to the [document], which was on the website, had broken. They were refreshing the link, and to do this they had to get the original document to put in there, but they put the unredacted document rather than the redacted document in there.”
The subpostmasters, victims of the Horizon scandal, took part in the 2018/19 High Court case that proved bugs in the Post Office’s IT system were responsible for accounting losses for which the victims had been blamed and prosecuted.
The data breach was reported in June last year, and at that time, a Google search suggested it had been online since 2019.
Following the breach being exposed, then Post Office CEO Nick Read said: “This is a truly terrible error, and one for which at this stage I can only apologise.” The Post Office notified the Information Commissioner’s Office (ICO) of the incident.
Although the breach was revealed in June 2024, no action has so far been taken by the ICO. It said: “The Post Office have made us aware of an incident and we are investigating the information provided.”
The Post Office scandal was first exposed by Computer Weekly in 2009, revealing the stories of seven subpostmasters – including Alan Bates – and the problems they suffered due to accounting software. It is one of the biggest miscarriages of justice in British history (see below for timeline of Computer Weekly articles about the scandal, since 2009).
