The UK government is telling people to stop using Excel spreadsheets because of multiple data breaches

Microsoft Excel
(Image credit: Shutterstock.com / monticello)

The UK government’s online privacy safeguard has issued a warning over the use of spreadsheet software such as Microsoft Excel following several high-profile security incidents.

Spreadsheets are a major cause for concern in the safety of personal information, according to the Information Commissioner's Office (ICO).

The warning comes in the wake of a surge in data breaches caused by Freedom of Information (FOI) requests, with incidents including the leaking of personal information pertaining to witnesses, suspects and victims in a number of crimes. 

Excel warning

“The recent personal data breaches are a reminder that data protection is, first and foremost, about people.” said John Edwards, the Information Commissioner, “We have seen both the immediate and ongoing impact that the release of such sensitive personal information has had on the individuals and families involved, and that is why I have taken this action.”

“It is imperative that robust measures are in place to protect personal information. The advice we have issued sets out the bare minimum that public authorities should be doing to protect personal data when responding to information access requests, and to reassure the people they serve, and their staff, that their information is in safe hands.”

Alongside its statement, the ICO has issued a number of recommendations to organizations:

  • Immediately stop uploading original source spreadsheets to online platforms used to respond to FOI requests
  • Continually provide training to staff who are involved with disclosing information
  • Avoid using spreadsheets with hundreds or thousands of rows and instead invest in data management systems which support data integrity

FOI requests are an obligation for public bodies, but personal information is exempt from release and should be redacted before the request is actioned. However, there have been numerous cases where employees have not received enough training to fully redact spreadsheets before release.

Breaches such as these show that data is not just at risk from hackers, but also from general incompetence and highlights the importance of cyber literacy within organizations.

More Microsoft Excel news

Benedict Collins
Staff Writer (Security)

Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division),  then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.