The incident was reported to the Information Commissioner's Office, which found that a lack of audit trails and other procedures meant the breach would have gone unnoticed if the recipients had not reported it.
An internal investigation found that the same error had occurred on two previous occasions in the previous month, with details sent to other inmates' families. Police and a member of prison staff were sent to the recipients' home addresses and checks were made to ensure the files had been deleted.
The data breach came to light after one of the recipients contacted the prison in 2011 saying they had received an email from the prison clerk about an upcoming visit, along with a file containing 1,182 prisoners' names, ethnicities, addresses, sentence length and release dates.
The potential damage and distress that could have been caused by this serious data breach is obvious. Disclosing this information not only had the potential to put the prisoners at risk, but also risked the welfare of their families through the release of their home addresses.
Fortunately it appears that the fall-out from this breach was contained, but we cannot ignore the fact that this breach was caused by a clear lack of management oversight of a relatively new member of staff.
More top news
Retired game-keeper Raymond Arthur Evans’ passion for guns landed him in hot water. Nursing home staff even found a pistol in his room.
RSPCA Cymru says it's worried about a rise in reports of pets being poisoned. Here's the charity's advice on how to keep your animals safe.
Brian, 85, and Shirley, 80, plan to pose side by side on the church steps to recreate their cherished black and white wedding photo.