DVLA mishandles confidential data of over 2,000 drivers

The Driver and Vehicle Licensing Agency (DVLA) mishandled the confidential details of over 2,000 drivers in less than a year. During a ten-month period in 2018 and 2019, the DVLA reported 439 data breaches, which affected 2,018 people, according to a BBC Freedom of Information investigation.

These data breaches saw the DVLA send important documents – including driving licenses, passports and marriage certificates – to incorrect addresses, affecting the equivalent of around seven people per day. For comparison, the Passport Office had five data breaches over the same time period, while HM Revenue & Customs had 10.

• Banned UK number plates: the 19-plate car registrations axed by the DVLA

All of the breaches were reported to the Information Commissioner’s Office, between 25 May 2018 and 18 March 2019, following the introduction of tougher data protection laws. Royal Mail advised that important or sensitive documents should be sent via a tracked special delivery. The DVLA said the data breaches were the result of “human error” by staff at their headquarters in Swansea.

A DVLA spokesperson said: “Last year, we dealt with more than one billion customer interactions. We received more than 16 million items of mail and sent out more than 93 million, including 10.6 million driving licences.

“However, we take our duties to protect data extremely seriously and have an open and transparent culture where staff report any potential breaches.

“We ensure we review all reports to identify what more can be done. While these figures are a very small percentage of our overall transaction volumes, we take these seriously and have apologised to those concerned.”

Now read about the private parking firms set to pay DVLA £16m for driver details...