The Firearms Safety Authority has apologised to licence holders following an email privacy breach of 147 people.
Superintendent Richard Wilson, director of operations at Te Tari Pūreke Fire Arms Safety Authority, said the breach took place on Wednesday afternoon after its Auckland District Office sent an email to 147 people that revealed the email address of the recipients to other fellow licence holders.
"This incident is being treated seriously by Te Tari Pūreke, who have lodged this as a privacy breach and will be notifying the Office of the Privacy Commissioner."
Supt Wilson said the email was a generic message asking the recipient to update their address. It did not contain individual information about recipients other than their email address being visible.
"The email was not sent to any members of the wider public and only went to the group of licence holders."
As a result, Te Tari Pūkere immediately ceased emailing groups and sent a follow-up email to the 147 recipients asking them to delete the previous email.
"A rapid review has determined that the privacy breach came about from human error, when the email addresses were incorrectly pasted into the 'cc' (carbon copy) address field, rather than the 'bcc' (blind carbon copy) address field."
Te Tari Pūkere stressed the breach was not related in any way to information held securely in its systems.
"[It] did not come about from any breach of its systems, but rather from human error."
The Authority plans to make contact with the 147 affected to explain the nature of the breach and how it occurred.
"Te Tari Pūreke sincerely apologises to all those affected by this event," said Supt Wilson
"Te Tari Pūreke has also begun a rapid review of its processes around the sending [of] large batches of email, and will be strengthening its processes to avoid future events like this."
