HM Revenue & Customs (HMRC) accidentally sent out other people's private details, including bank account data, to thousands of customers.
Tax credit claimants were apparently sent other people's personal information in the post along with their annual award notice, according to reports.
One woman from Hyde in Greater Manchester told the BBC she had received a letter that included her neighbour's earnings.
She also got the bank sort code and the last four digits of the bank account number of another claimant.
An HMRC spokesman blamed a printing error, and played down the danger of identity theft.
''HMRC takes data security extremely seriously,'' he said. ''Unfortunately an error has occurred in one of the tax credits print runs causing some customer information to be wrongly formatted.
''Investigations are under way to identify the cause of the problem and we will be contacting affected customers in writing this week, apologising and providing a corrected award notice.
''An initial analysis shows ID theft could not result from this printing error.''
Last year, the Revenue responded to the Poynter Review, which was set up after the loss of the entire child benefit database in 2007.
A civil servant burned the database onto two CDs and popped them in the post. When the 25 million records failed to arrive they were sent again, twice.
SM&CR is the big one
To 'future-proof advice firms'
Latest news and analysis
Three years at Wells Fargo
Effective from 9 December 2019