DATA BREACH – SOUTH WESTERN RAILWAY

Our Ref: BR2/14/12

 

9^th February 2024

 

Dear RMT Member,

 

DATA BREACH – SOUTH WESTERN RAILWAY

 

The RMT Union has recently been made aware of a significant breach of South Western Railway Guards’ data. The Company Council immediately alerted your Lead Officer of the breach, who contacted the company. The document was removed 30 minutes after the matter was raised by your Lead Officer.

 

I am writing now to advise members of this data breach. The information in the breach relates to an email document share file, which showed all of the SWR Guard members names, pay numbers, any complaints made against and by the Guard, and if the Guard had been involved in a non-compliant ride. 

 

The Union’s National Executive Committee has considered this matter and have expressed their shock at this alarming situation. It is troubling that not only have the company been keeping, what is in effect, a ‘de-merit’ list but they have also made this readily available to all managers in an unprotected and easily accessible document. It is deeply disturbing that the company has kept this offensive document and in the most incompetent way possible have inadvertently shared it to the general file directory. 

 

Worryingly, the company’s attitude to this breach has been one of indifference. Management have disregarded the impact this will potentially have on the affected members. The company has failed to inform SWR Guards that their data may have been breached and have offered no apology for the incident. 

 

Therefore, as instructed by the Union’s NEC, I am seeking an urgent legal opinion into this matter, which I will place back before the NEC to consider our next steps. 

 

The Union will not tolerate these actions and we will do everything possible to protect the safety and the interest of our Guard members.

 

I will continue to keep you advised of the developments in this case. 

 

Yours sincerely

 

Michael Lynch

General Secretary