Another way data spills occur is through some types of Web forms used to collect personal information. Forms that use the 'Get' method of HTML coding attach the contents of the form to the URL of the result page (for example, if John enters his name and age on a form, the result URL might read 'www.medicalsite.com/get.cgi?name=john&age=22'). If the result page contains third-party objects or links, those third parties could receive all the information on the form, resulting in a data spill."
Peter Piazza, "Cleaning Up Data Spills," Security Management, May 1, 2001
Jason Catlett, president of Junkbusters, a New Jersey-based online advocacy group, told Newsbytes the disclosure, called a 'data spill,' was undoubtedly accidental but is not at all uncommon."
Martin Stone, "Data Spill Blamed For De Beers Web Site Security Leak," Newsbytes, April 5, 2000
I did manage to find a much earlier mention of data spill, but the author is using it in a sarcastic way:
Winn L. Rosch, "The big question: is the PC environment a safe place to work?," PC Magazine, December 12, 1989
chief privacy officer