Met Police refers itself to information watchdog after Westminster honeytrap victims' identities revealed to each other
29 November 2024, 17:14 | Updated: 29 November 2024, 18:58
The Metropolitan Police has referred itself to the Information Commissioner's Office after the names of the alleged victims of the Westminster honeytrap scandal were revealed to each other.
The force has apologised "sincerely for any distress" after an email was "sent in error".
According to reports, the Met sent an email to all those thought to be victims of the scandal - but instead of the email addresses of the recipients being hidden, they were visible to each other.
Officers will be reminded that care should be taken when sending group emails, Sky News understands.
The email is understood to have been a short, routine update to the investigation.
A Met Police spokesperson said: "An email relating to an ongoing investigation was sent in error today.
"We recognise the impact on those involved and apologise sincerely for any distress.
"A referral to the Information Commissioner's Office has been made and we await advice on next steps.
"Officers will be reaching out to those impacted to personally apologise and provide reassurance."
The honeytrap scandal was a sexting scam in which at least 12 men in political circles received unsolicited, flirtatious WhatsApp messages from people calling themselves "Charlie" or "Abi".
Explicit images were exchanged in some instances.
Former Tory MP William Wragg resigned the whip after he admitted giving out fellow politicians' phone numbers to the suspected perpetrator.
Read more on politics:
Assisted dying bill backed by MPs
How did your MP vote?
New transport secretary announced
Another MP targeted - the Conservative's Dr Luke Evans - confirmed the incident.
He said: "As someone who has spoken publicly about the impact of being targeted, I will be looking to raise this serious matter further."
The ICO earlier told Sky News it had not received a report from the Met Police; it has been asked again for an update following the Met's announcement.
In its previous statement, the watchdog said: "Organisations must notify the ICO within 72 hours of becoming aware of a personal data breach, unless it does not pose a risk to people's rights and freedoms.
"If an organisation decides that a breach doesn't need to be reported they should keep their own record of it and be able to explain why it wasn't reported if necessary."
Parliamentary authorities have also been updated on the incident.