Information on UK Metropolitan Police officers and staff, including images, is suspected to have been leaked in a data breach. The force noticed an unauthorised access to the IT system of one of its suppliers, and says that it has been working with the company to figure out if data was breached.
The supplier had access to names, ranks, photos, vetting levels and pay numbers for officers and staff, but no personal information such as addresses, phone numbers or financial details. Rick Prior, Vice Chair of the Metropolitan Police Federation (MPF) says that the breach could do “incalculable damage”, and addresses the fury and concern of the officers.
“The men and women I represent are justifiably disgusted by this breach. We will be working with the force to mitigate the dangers and risks that this disclosure could have on our colleagues. And will be holding the Metropolitan Police to account for what has happened,” said Prior.
“Significant safeguards and checks and balances should have been in place to protect this valuable personal information.”
Rick Prior, Vice Chair of the Metropolitan Police Federation
“To have their personal details potentially leaked out into the public domain in this manner – for all to possibly see – will cause colleagues incredible concern and anger. We share that sense of fury … this is a staggering security breach that should never have happened.”
The MPF, which is the staff association to which every constable, sergeant, inspector and chief inspector in the Metropolitan Police Service belongs, has a total of more than 30,000 members.
“Given the roles we ask our colleagues to undertake, significant safeguards and checks and balances should have been in place to protect this valuable personal information which, if in the wrong hands, could do incalculable damage, ” Prior continued.
The breach has been reported to the National Crime Agency and the Information Commissioner’s Office.
Northern Ireland, Norfolk & Suffolk police
While the Met suffered a breach connected to a possible cyber hack, other UK and Northern Ireland police forces were also affected by data leaks this August.
Earlier this month, a “monumental” data breach containing surnames and initials of more than 10,000 current employees of the Police Service of Northern Ireland occurred due to a an error in response to a Freedom of Information (FoI) request. Information was published online for almost three hours. The leaked information also named MI5 officers.
About a week later, UK’s Norfolk and Suffolk police forces also reported similar breaches around FOI requests, where personal, identifiable information on a total of 1,230 victims, witnesses, and suspects, had been leaked. The information included descriptions of offences, and was related to a range of offences, including domestic incidents, sexual offences, assaults, thefts and hate crime.