Organisers of the RideLondon cycling event are “urgently looking into” a data breach involving potential participants’ personal details.
It is unclear how many applicants have been affected by the issue which saw entrants receive other people’s ballot results.
The events, due to be held in August, is open to 80,000 applications and last year 28,032 riders completed it.
Prudential RideLondon has apologised for the error.
The Information Commissioner, Britain’s data protection watchdog, has been contacted for comment.
‘I was shocked’
RideLondon, which claims to be the world’s greatest festival of cycling, is a 100-mile, closed-road event which takes in streets in the capital and travels through Surrey.
Due to take place on 16 August, it is normally oversubscribed so a ballot system is used select the successful applicants.
The mix-up over data means some potential riders are still unclear if they have won a place or not.
Chris Whitehead, from Rotherham, received what he thought would be his ballot result in the post on Monday.
But while the envelope was addressed to him, the letter itself contained someone else’s full name, address and date of birth.
“I was shocked,” he told BBC News. “I felt shocked that in this day and age, a breach like that would happen and was left wondering who has my details.
“There is a chance my identity could be stolen. Why haven’t they done any basic checking?”
The 36-year-old IT specialist added that he was disappointed the organisers did not communicate the data breach more proactively.
“I first contacted them at 11:00 GMT and it took them until about 18:00 to post an update about it on Twitter.”
Prudential RideLondon tweeted its apology for the “issue with a limited number of the Prudential RideLondon ballot results mailing” at 17:40 GMT on Monday.
All applicants will be informed of their ballot results by Thursday, according to the event helpline, meaning more people might yet receive erroneous letter over the next two days.