17 Sep 2013

Human error behind EQC privacy breach

6:36 pm on 17 September 2013

Human error is behind a privacy breach that resulted in 260 customers being sent information about other claimants, the Earthquake Commission (EQC) says.

Acknowledgement letters sent out last week were meant to confirm each customer's address, phone number, insurance company and the damage reported but no financial information.

EQC chief executive Ian Simpson said the second page of the letters was mixed up during the collation process, which meant each customer was sent the information of another.

An investigation is under way, and letter recipients, most of whom were in Wellington and Seddon, are being contacted.

The incident is the third privacy breach since the September 2010 earthquake.

In the earlier breaches, an EQC staffer in March mistakenly sent an email with the claim status and private details of 83,000 claimants, covering 98,000 claims to the chief executive of insurance resolution company Earthquake Services.

A few days later, a further breach of about 1900 claims was made when the information of the 83,000 claimants sent to Earthquake Services was also sent to Marc Krieger, who writes for blog site EQC Truths and who later published it on an overseas website.