Data breach exposed details of Ukrainian refugees in Scotland

Personal details of Ukrainian refugees and the families offering to house them have been exposed online in serious data breach, a council has confirmed.

Angus Council said it had launched an investigation after details of families in the homes for Ukraine resettlement programme were posted on two Facebook groups.

The local authority said it was contacting those affected to "advise them of the breach, apologise and offer support".

It said access to the data had now been disabled and the breach had been reported to the Information Commissioner’s Office.

Angus Council confirmed the breach was "serious" and said the investigation may be passed on to Police Scotland if appropriate.

The council said in a statement: "Personal data from an Angus Council online test system has been released into the public domain via posts to two closed Homes for Ukraine themed Facebook groups.

"The council moved swiftly to disable the link once it had been made aware of the breach."

It said it was still "unclear" how the breach happened.

It added: "While the full details are still under investigation, it is understood that the data released contained personal details of prospective Ukrainian guests and their Angus-based hosts.

"The data was contained within a system, not a file, so was not available to be digitally exported, although it could potentially have been copied."

The council said it would contact people affected directly, and anyone worried their details had been released should contact them , externalvia email.

Thousands of Ukrainians have sought shelter in Scotland since 2022, when their homeland was invaded by Russia.

The Scottish government's Homes for Ukraine programme aimed to provide accommodation for refugees who fled the conflict, across all of the country's council areas.