PERSONAL details of 10,000 people applying for Gwent Police clearance in Criminal Records Bureau checks were sent to a journalist by mistake, the force admitted.
A senior member of staff has now been suspended and a top-level inquiry into how this happened is under way.
Journalist Chris Williams, who works for a security news website The Register, says he was sent a spreadsheet which was not encrypted or password protected and included people's full names, dates of birth and whether a disclosure had been made under the CRB system - whether the applicants being vetted for work at places like schools and hospitals had a previous conviction, arrest or allegation pending against them.
He had previously made two unrelated applications for information to the force using the Freedom of Information Act, and says the force's software had remembered his e-mail address, copying him in on a document which was being sent to five Gwent Police officials.
He said the document, sent out in February but which he did not open until months later when another Gwent Police e-mail found its way into his inbox, contained the result of CRB checks going back to 2001 and identified 863 people as having disclosures against them.
Mr Williams said it recorded some of the applicants’ occupations including taxi drivers and school and hospital workers and showed the details and criminal histories of foster carers, IT technicians and pest controllers.
Gwent Police was alerted to the mistake by Mr Williams and The Register on April 9.
He then destroyed the information in the presence of officers on April 11.
He also claims that a detective chief inspector asked The Register to consider not publishing a story about the data breach saying it would undermine public confidence in the force - but the website declined.
He told the Argus: "There is no confidence in general in the official handling of data and that will not change unless these situations are brought to light. The force has blamed human error, but the software should not have allowed what happened.
"It is fortunate the data went to someone who knew how sensitive it is - that it could be used against those people who had disclosures against them. The force has had a lucky escape."
Gwent Police said it had acted quickly and decisively to protect the public. It said the public and their personal data are not at risk but have set up a helpline on 01495 745430 for anyone with any concerns.
Deputy chief constable Carmel Napier blamed "human error" and added: "As a force we have strict policies and procedures in place relating to data security but regrettably these were not followed on this occasion. We are very sorry that we have on this occasion failed to meet our own high standards."
The force has now started an internal investigation under the supervision of the Independent Police Complaints Commission (IPCC). It voluntarily notified the Information Commissioner, Criminal Records Bureau, Home Office, the IPCC and Gwent Police Authority.
It said the senior member of staff involved has been suspended pending the outcome of the internal inquiry and a group of chief officers was set up to learn lessons from the error.
Comments: Our rules
We want our comments to be a lively and valuable part of our community - a place where readers can debate and engage with the most important local issues. The ability to comment on our stories is a privilege, not a right, however, and that privilege may be withdrawn if it is abused or misused.
Please report any comments that break our rules.
Read the rules hereComments are closed on this article