Post Office Ltd has admitted to a GDPR data breach involving people who objected the plans to close Haworth Post Office.

An e-mail was sent out by the company on September 16 to thank the recipients for sharing their views on the consultation to move Haworth Post Office and relocate it to a Co-Op store, but the e-mail contained 155 visible e-mail addresses belonging to people who had responded.

Keighley News: Post Office Ltd sent out an e-mail containing the e-mail addresses of 155 recipientsPost Office Ltd sent out an e-mail containing the e-mail addresses of 155 recipients

The company then tried to recall the first e-mail, but in doing so, the sender failed to blind copy the recipients, so another e-mail was sent out containing 155 visible e-mail address'.

Keighley News: They then tried to recall the original e-mail but the same happened againThey then tried to recall the original e-mail but the same happened again

Tim Underwood, a recipient of the e-mail then reached out to Post Office Ltd to inform them of the breach, and they said, “Regrettably the content of the e-mail was correct, the e-mail contained the e-mail addresses of other recipients in error. As we were unable to recall the message, please can we ask you to delete the original e-mail and reply to this e-mail confirming this has been done.”

Keighley News: Recipients were asked to delete the e-mails and confirm when this had been doneRecipients were asked to delete the e-mails and confirm when this had been done

Mr Underwood told the T&A: “It isn't acceptable, it’s an utter shambles, and has been dealt with in the same vain as how Haworth Post office closure was dealt with.”

When the Telegraph and Argus contacted Post Office Ltd for a comment, A Post Office spokesperson said:

“We take any data incident very seriously and are sorry for any concern caused to the recipients of the email in question. Initial action was taken to recall the original email, followed by a request that it be deleted by each recipient before a corrected version was sent. We have notified the Information Commissioner’s Office about the incident and are looking at what we can do to ensure this does not happen again.”

When Telegraph and Argus contacted the Information Commissioner’s Office for a comment an ICO spokesperson said: “People have the right to expect that organisations will handle their personal information securely and responsibly.

“Post Office Ltd has made us aware of an incident and we will assess the information provided.”