Every police officer in Northern Ireland has data compromised in ‘monumental’ breach due to human error

0

Every police officer in Northern Ireland has data compromised in 'monumental' breach due to human error

The Police Service of Northern Ireland (PSNI) has apologised for a self-inflicted security breach which has compromised the data of every serving officer and member of staff.

The service inadvertently published the information in response to a Freedom of Information (FOI) request on Tuesday.

The breach involved the surname, initials, the rank or grade, the work location and departments of all PSNI staff, but did not involve the officers’ and civilians’ private addresses.

It also reveals members of the organised crime unit, intelligence officers stationed at ports and airports, officers in the surveillance unit and almost 40 PSNI staff based at MI5’s headquarters in Holywood, the Belfast Telegraph reports.

PSNI officers have been the targets of republican paramilitaries in recent years and in March the terror threat level in Northern Ireland was raised to severe.

PSNI Assistant Chief Constable Chris Todd apologised for the breach, saying: “I’ve had to inform the Information Commissioner’s office of a significant data breach that we’re responsible for.

“This is unacceptable.”

He said it was a result of “human error” with the people involved in the process having “acted in good faith”.

Every police officer in Northern Ireland has data compromised in 'monumental' breach due to human error

Mr Todd said the information was mistakenly made public for approximately two and a half to three hours after being published at 2.30pm on Tuesday afternoon.

The data breach was brought to his attention at 4pm and was then taken down within the hour.

He added the leak was “regrettable” and that steps had been identified to avoid a similar error from happening again.

The release of names and ranks plays right into the hands of those who deem officers of the crown legitimate targets

Every police officer in Northern Ireland has data compromised in 'monumental' breach due to human error

David Blevins

Senior Ireland correspondent

@skydavidblevins

It would be difficult to exaggerate the scale of what the Police Federation is calling a “monumental” data breach.

Northern Ireland is the one part of the UK where the terror threat level has been raised from substantial to severe, meaning attacks are highly likely.

That threat comes from dissident Irish Republicans, the self-styled New IRA in particular, a conglomerate of breakaway factions still pursuing Irish unity by violent means.

The release of the names and ranks of an estimated 10,000 serving police officers and civilian staff plays right into the hands of those who deem officers of the crown legitimate targets.

Earlier this year, the New IRA claimed responsibility for a gun attack on Detective Chief Inspector John Caldwell in Omagh – he was shot and seriously injured.

Police officers I’ve spoken say they’re required to implement rigorous data protection protocols and are furious their own data has been breached.

The Chief Constable, Simon Byrne, is under pressure to cut short his holiday and return to Northern Ireland.

Given that the security of his officers and their families should be his top priority, he would be wise to do so.

Chris Heaton-Harris, the Northern Ireland Secretary, has said he is “deeply concerned” about the breach.

Writing on X (formerly Twitter), he said: “My officials are in close contact with senior officers and are keeping me updated.”

Twitter This content is provided by Twitter, which may be using cookies and other technologies. To show you this content, we need your permission to use cookies. You can use the buttons below to amend your preferences to enable Twitter cookies or to allow those cookies just once. You can change your settings at any time via the Privacy Options. Unfortunately we have been unable to verify if you have consented to Twitter cookies. To view this content you can use the button below to allow Twitter cookies for this session only. Enable Cookies Allow Cookies Once

Explaining how exactly the breach happened, Mr Todd said: “What’s happened is we’ve received a Freedom of Information request, that’s quite a routine inquiry, nothing untoward in that.

“We’ve responded to that request, which was seeking to understand the total numbers of officers and staff at all ranks and grade across the organisation, and in the response, unfortunately, one of our colleagues has embedded the source data, which informed that request.

“So, what was within that data was the surname, initial, the rank or grade, the location and the departments for each of our current employees across the police service.”

When asked how useful the information would be to terrorist organisations, Mr Todd said the breach is of “significant concern” to many colleagues and information on how they can protect their own personal security has been passed down.

Every police officer in Northern Ireland has data compromised in 'monumental' breach due to human error

The Information Commissioner’s Office (ICO) has been notified about the incident.

An ICO spokesperson said: “The Police Service of Northern Ireland has made us aware of an incident and we are assessing the information provided.”

The Belfast Telegraph initially reported the breach, after the newspaper was made aware of the spreadsheet by the relative of a member of police staff.

It reported the spreadsheet had the response to the FOI about police staffing numbers in one tab – with the source information mistakenly included in another.

Liam Kelly, chair of the Police Federation for Northern Ireland (PFNI), described the security breach as “monumental”.

He added: “Even if it was done accidentally, it still represents a data and security breach that should never have happened.

“Rigorous safeguards ought to have been in place to protect this valuable information which, if in the wrong hands, could do incalculable damage.

“The men and women I represent are appalled by this breach. They are shocked, dismayed and justifiably angry. Like me, they are demanding action to address this unprecedented disclosure of sensitive information.

“We have many colleagues who do everything possible to protect their police roles.

“We’re fortunate that the PSNI spreadsheet didn’t contain officer and staff home addresses, otherwise we would be facing a potentially calamitous situation.”

The DUP’s Policing Board representative, MLA Trevor Clarke, said the extent of the data breach in the PSNI is “unprecedented” and “deeply alarming”.

He added: “The public will be rightly seeking answers and they deserve to see a robust response from the PSNI senior command.”

The UUP representative on the Policing Board of Northern Ireland, MLA Mike Nesbitt, has called for an emergency meeting to discuss the breach, while Alliance leader Naomi Long MLA said it was of “profound concern”.

Source

Leave A Reply

Your email address will not be published.