Thursday, November 21, 2024

Flawed Upgrade of Post Office Website Leads to Major Data Breach

A recent public inquiry revealed that a human error during a website upgrade led to a significant data breach at the Post Office, exposing the personal information of hundreds of former subpostmasters. Back in June, a document with the names and addresses of all 555 subpostmasters involved in the 2018/19 High Court Group Litigation was mistakenly published on the Post Office’s website. This group litigation confirmed that issues in the Post Office’s Horizon IT system caused accounting discrepancies, for which many subpostmasters were wrongfully blamed and prosecuted.

During the inquiry, Simon Recaldin, who oversees the financial redress schemes related to the Horizon scandal, was questioned about whether this data breach reflected the Post Office’s culture. He insisted it was purely human error and expressed deep regret that it occurred. Recaldin explained that during a website upgrade, a link to the Group Litigation Order settlement agreement had broken. In the attempt to fix it, someone mistakenly uploaded the unredacted document instead of the corrected version.

Further investigations revealed that a link to the document might have been accessible online since 2019. Recaldin mentioned that the Post Office is currently discussing this with its legal team.

During the inquiry, concerns were raised about an alleged culture of “over investigation” within the Post Office. Recaldin acknowledged this issue, describing the organization as being in a “sensitive environment.” He felt that, given the turmoil the Post Office has faced, employees are hesitant to make decisions due to fear of repercussions.

He shared that in his 38 years of work, primarily at NatWest Bank, he never faced a grievance. However, during his three years at the Post Office, he has undergone five internal investigations.

Previously, the inquiry had uncovered an internal board report highlighting several ongoing investigations. These include Project Acer, looking into a manager who allegedly told staff to destroy material relevant to the inquiry; Project Willow, examining possible misrepresentation by a former transformation boss; and Project Alder, which investigates claims that contractors delayed compensation processing. Another investigation, Project Phoenix, focuses on potential involvement of current staff in wrongful prosecutions of subpostmasters. Additionally, Project Tiger explores complaints from former subpostmaster Tim McCormack regarding responses to Freedom of Information requests.

The outgoing CEO, Nick Read, and former chairman, Edward Staunton, are also under investigation. The public inquiry into the Horizon scandal is now in its seventh and final phase, scrutinizing present practices and recommendations for the future.

This scandal first drew attention in 2009, thanks to Computer Weekly, which spotlighted the experiences of seven subpostmasters negatively affected by the Horizon system—setting the stage for what would become one of the most extensive miscarriages of justice in British history.