Arsenal have released an apology over a ‘GDPR breach’ where some fans received the personal information of other supporters.

The Telegraph write that when Arsenal sent out letters asking members to renew their club memberships, some of those letters contained pre-filled forms with the details of total strangers. Those forms included names, date of birth, address, telephone numbers, email addresses and membership numbers.

An Arsenal spokesman told the newspaper: “We are well aware of our responsibilities under the GDPR regulations and apologise to the fans who were impacted. We launched an investigation as soon as this was brought to our attention and have established that this was a manual error by a supplier. There is no suggestion this was a system issue.”

Reportedly four fans received completed forms. Out of the many thousands who complete membership renewals, that’s not a particularly large amount.

However, even one person having all their personal details leaked to complete strangers is one too many. As an Arsenal member myself, I’d certainly prefer not to have a bunch of personal details sent to someone I don’t know.

The timing is particularly unfortunate with all the fuss about GDPR regulations at the moment. It’d be hard to stay oblivious to the situation when every website has a privacy pop-up and all our inboxes are full of emails about updates to their policies. Arsenal need to make sure they crack down on the issue now so this doesn’t happen again.