VOTER details in two Gwent counties appear to have been mistakenly passed to third parties due to a computer error.
The Information Commissioner's Office (ICO) is continuing to investigate how this happened.
Torfaen Council and Caerphilly Council have confirmed that they were affected.
earlier this month Rhondda Cynon Taf made the ICO aware of the software error, which appears to have led to agencies being supplied with the full version of the electoral register and not an edited version.
The edited roll can be sold to third parties for marketing purposes.
But, members of the public can opt-out of this edited list, so that their details are not passed on.
But the computer error meant the opt-out requests were missed.
A Torfaen Council spokesman confirmed that four people in the borough had been affected and the moment that the council were made aware of the problem, they rectified it.
They will be writing to the effected people to make them aware.
In Caerphilly, 23 people had opted out of appearing on the edited electoral register.
A spokeswoman said: “These credit reference agencies were immediately notified of this error and an updated register provided.”
An ICO spokesperson said:"The full version of the electoral register should only be used for elections, preventing and detecting crime and checking applications for credit. Any suggestion that it has been made available for other purposes raises clear data protection concerns.
"We will be making enquiries into the potential data breach at Rhondda Cynon Taf. This will include considering whether the problem has implications for other councils."
Newport Council and Monmouthshire Council have confirmed that they were not affected.