An information watchdog has launched a probe into a data breach at Aberdeen City Council, which resulted in hundreds of confidential tax forms being sent to the wrong employees.
The 947 P11D documents are for members of staff at the local authority, earning more than £8,500 a year, and contain sensitive information such as national insurance numbers, salaries and addresses.
P11Ds are used to report benefits provided and expense payments made to employees by employers, which are not put through the payroll. The employees are also given a copy, should they need it for a self-assessment tax return.
A spokeswoman for the office of the Information Commissioner revealed last night that the council had reported the breach and an investigation was now underway.
She said: “We can confirm that Aberdeen City Council have reported a potential data security breach to us and we will be making further enquiries.”
It is unknown whether the council is now in breach of new General Data Protection Regulation (GDPR) rules which can result in substantial fines.
A council spokesman said the authority was awaiting the outcome of the investigation and declined to comment further.
Unite union north-east regional officer Tommy Campbell described the breach as “seriously concerning” for staff involved.