Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

Data of entire Northern Ireland police force compromised accidentally

A major data breach of the Northern Ireland police force has exposed the data of every officer and member of staff, raising concerns about armed groups targeting individual officers.

user icon Daniel Croft
Thu, 10 Aug 2023
Data of entire Northern Ireland police force compromised accidentally
expand image

The Police Service of Northern Ireland (PSNI) revealed that the data breach occurred when it responded to a freedom of information request.

The request exposed the surnames, initials, work location and department of every single staff member after it was made publicly available on the requestor’s website for a period of approximately 2.5 hours.

The PSNI’s human resources system, which is kept highly confidential, contains the details of officers, civilian staff, intelligence workers and individuals from more secretive agencies like MI5.

============
============

In addition, officers in Northern Ireland generally go above and beyond to keep their data and identity a secret “due to the terrorist threat that is on them both on and off duty”, according to the chairman of the Police Federation, Liam Kelly.

The PSNI issued an apology for the breach, saying that the material was posted as a result of human error and that investigations so far had not presented any evidence that the security of any individuals is at risk.

Assistant Chief Constable (ACC) Chris Todd, who issued the apology in a press conference, said that the attack could lead to relationships with other agencies, such as MI5, being affected as trust in the PSNI deteriorates.

“We hope that we will maintain that, but undoubtedly, some trust and confidence will be eroded through events such as this. It is unacceptable, it’s regrettable, and something that we need to make sure doesn’t happen again.”

Responding to the admittance of the breach, Kelly said that officers deserve answers and has stressed the major consequences of the breach.

“This confirmation by the service makes matters worse. Clearly, urgent answers are required. How did this happen? What steps were put in place to advise and safeguard so many colleagues,” said Kelly.

“The major security breach was bad enough, but this heaps further additional pressure on the PSNI to produce credible explanations around data security protocols and the impact on officer safety.

“Speed is of the essence. This cannot be dragged out as officers of all ranks throughout the service are seeking reassurance and an effective action plan containing all necessary measures to counter the damage and minimise risk.”

Kelly added that this attack could require some officers to relocate from both their workplace and their home address, as sensitive information could now be in the hands of those who wish to cause them harm.

He has also demanded an inquiry into the incident to prevent something like this ever happening again.

“This is a breach of monumental proportions – even if it was done accidentally, it still represents a data and security breach that should never have happened,” he said.

The threat of domestic terrorism targeting officers is very real in Northern Ireland, with the UK’s MI5 evaluating the threat level as severe. The level was increased after an officer was left seriously injured in a gun attack by a member of the new IRA, one of the small terrorist groups.

On top of the latest data breach, the PSNI is also investigating a second breach that occurred on 6 July, when a private car was broken into, and a PSNI laptop, radio and spreadsheet were stolen. The spreadsheet contained the names of 200 officers.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.