Following a data breach, personal details of around 5,000 Npower customers have been shared with others via letters in the post.
The letters included names, addresses and payment amounts detailing the amount of money customers with solar panels will receive as part of the feed-in tariff scheme.
The energy giant is “urgently investigating” the situation and apologises to all customers affected.
“We apologise for the error, especially to the customers whose information was incorrectly shared – around 5,000 in total”, wrote Npower in a statement.
Furthermore, Npower informed the Information Commissioner’s Office (ICO) of the breach.
“If the overall scope of the incident is limited to 5,000 customers and does not disclose anything but individual confusion of names and addresses, the incident can be classified as minor. Moreover, it is unlikely caused by hacking activities but rather an internal human mistake,” comments Ilia Kolochenko, CEO, High-Tech Bridge.
“In many organisations, it is economically impractical to mitigate all possible human errors, and a similar incident may occur at any large company. Victims of the incident will unlikely have a viable claim for damages. Nonetheless, Npower may face a regulatory fine.”
Written by Leah Alger