Citizen service numbers of benefits recipients in Zwolle, the Netherlands, have been accidentally made public. The municipality of Zwolle has sent forms for which the envelope shows not only the address details, but also the citizens' service and client numbers, reports De Stentor.
The envelopes, which were sent by post, were addressed to 2,000 residents of Zwolle. The sensitive data on the form can be read without opening the envelope. "No matter how much you shake the form in its envelope, the data can still be seen," says an anonymous victim.
Because of the combination of name, address and citizen service number, it is much easier for malicious parties to commit identity fraud. Five victims have reported the leak to the municipality of Zwolle, but, according to municipal spokesman Marieke Stenfert, the letter has been sent to 2,000 inhabitants. "We assume that it could concern all 2,000 letters," Stenfert said.
The municipality states that it is an "awful situation" for those involved and has apologized. It also said that action has been taken to prevent such a data breach in the future, by "adjusting the work processes."
Zwolle has reported the data breach to the Dutch Data Protection Authority.