The Home Office has been reprimanded by a watchdog after sensitive documents relating to terrorism at a London venue.
The Information Commissioner’s Office said the venue’s staff found an envelope containing four “official sensitive” documents in September last year and handed them to police.
“A government investigation concluded the Home Office was the most likely source of the documents,” a statement added.
“The reprimand has been issued to the home secretary, as the data controller for the Home Office.”
The documents included two reports by the government’s Extremism Analysis Unit, which analyses ideologies that have an impact on British interests and security.
There were also two copies of a Counter Terrorism Policing report on an unnamed visa applicant who was seeking to travel to the UK.
The ICO said that the documents were marked official-sensitive and contained specific handling instructions aiming to ensure security and confidentiality.
“The handling instructions for the reports were not followed as they were found unsecured in a venue in London, where they were accessed by unauthorised individuals,” said a letter from the ICO to Home Office permanent secretary Matthew Rycroft.
“[The Home Office] first became aware of the breach on 6 September 2021, however the breach was not reported to the ICO until 4 April 2022.”
The statutory time limit for reporting data breaches to the ICO is 72 hours but officials chose to launch an internal investigation by the Cabinet Office’s Government Security Group instead.