J.P. Antonacci reports:
Richard Shaw was surprised when a courier showed up at his house Friday morning with a letter from Norfolk County informing him that his personal information had been accidentally made available without his permission.
Shaw, a volunteer firefighter in Teeterville, was one of 1,200 county employees whose name, home address, phone number, date of birth, social insurance number and direct deposit banking information had been accessible for an unknown period of time to anyone with a county email address.
[…]
The personal information should have been accessible only to payroll and human resources staff, explained Kandy Webb, the county’s general manager of employee and business services.
Read more on Norfolk News (Canada).