05 Apr Incorrect sharing of player information

On 30 March 2023 an email was sent to the official representatives of 23 Veterans League member clubs asking for help to bring Bowlsnet up to date with players details. This included attachments with the name, date of birth and BCGBA number of 998 players registered for this season. A further 441 were included without date of birth. The information shared included all players of all 45 clubs in the league. This should not have happened and the League apologises most sincerely for this.

Players can be assured this is being treated seriously, we have contacted the Information Commissioners Office  (ICO) for UK GDPR data breaches and are following their advice and guidance. While the risk to individuals has been assessed as low we are taking all necessary steps to help mitigate and prevent any repetition. We have worked with the 23 recipient club representatives to ensure their copies are deleted and similarly anyone they have sent it to. A full review is also being undertaken to ensure the lessons learnt can strengthen the knowledge and working practices of everyone who supports running your league. The outcome will be shared with clubs as soon as this is complete.

To address possible confusion or misunderstanding arising from news items members may have seen on Huddweb, over which the League has no control, please note:

The data was limited to name, date of birth and BCGBA number
The date of birth information related to 998 bowlers
The information was received by 23 club representatives and not all 45
The League has not and will not be naming who shared the information
Huddweb did gain possession of a copy of the email and attachments and has since confirmed these have been deleted
Huddweb did not immediately alert us, but we were already aware and taking action thanks to the diligence of club representatives.

A big thank you to all those club representatives who have helped us with this. Their excellent response is to be commended and is much appreciated.

Again, many apologies to our members for this happening and please be assured we are taking all necessary action to protect and prevent future issues. If any club needs help or has queries please contact our General Secretary who will be pleased to assist.

In addition, below is a reminder of steps that everyone can take on a day-to-day basis to help keep themselves safe from phishing and other fraudulent activity.

Always question unsolicited calls, texts or emails requesting your personal or financial information (name, address, bank details, email or phone number). Instead, contact the company directly using a known email or phone number.
Always install the latest software and app updates on all of your devices. Protect your email account with a strong, separate password and enable two-factor authentication (2FA) where possible, and always use strong, unique passwords.
Installing, or enabling, antivirus software on your laptops, mobiles and computers will protect them from viruses and hackers.
Many frauds start with a phishing email. Remember that banks and financial institutions will not send you an email asking you to click on a link and confirm your bank details. Do not trust such emails, even if they look genuine.
Never automatically click on a link in an unexpected email or text.
Remember, email addresses and phone numbers can be spoofed, so don’t use those as a means to verify that a message or call is authentic.