Vulnerable children's details at risk in data breach

Details of vulnerable children in Cardiff have been compromised due to a data breach, council documents have shown.

The cybersecurity failure poses "a potential safeguarding risk to children" and relates to young people looked after by Cardiff council, according to the Local Democracy Reporting Service.

Members of Cardiff council's governance and audit committee were told about the data breach by a council official at a meeting on Tuesday.

Cardiff council and Data Cymru have been asked for comment.

A council document stated "a failure in cyber security results in a data breach and therefore a potential safeguarding risk to children" and said the situation had been escalated in January of this year.

The council's director of children's services, Deborah Driffield, mentioned the data breach while presenting an update on risk management to committee members.

She said: "[There are] some issues around cyber security.

"We have had a data breach that we are currently managing and drawing up... new arrangements in relation to this world of people stealing data and sharing it on the dark web and trying to understand how we can mitigate against that.

"That is a fairly new area for us, but we have shared the risks there and certainly are working with the Welsh government and Data Cymru and all of the other… local authorities on that."

The council document also stated work had taken place with the national cyber security team and risk assessments were being undertaken, with an action plan under development.

The failure affected Data Cymru, which is a Welsh local government company with a board of directors elected by the Welsh Local Government Association (WLGA) that supports councils and their partners to collect data.