British Police On High Alert After Supply Chain Breach

Uploaded on 2023-08-28 in GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

London’s Metropolitan Police are on serious alert because of a leak of data from their suppliers’ IT system and now Scotland Yard police are working with the IT company to review the extent of the breach.  The security breach took place when cyber criminals successfully breached the IT systems of a contractor in charge of producing warrant cards and staff passes.

The IT supplier had access to names, ranks, photos, vetting levels and pay numbers for officers and staff, but did not hold personal information such as addresses, phone numbers or financial details, the Met has said. 

All 47,000 personnel have been notified about the potential exposure of their photographs, names, and ranks.
Rick Prior, the vice-chair of the Metropolitan Police Federation, which represents staff, said any potential leak “will cause colleagues incredible concern and anger”. He said: “Metropolitan police officers are as we speak out on the streets of London undertaking some of the most difficult and dangerous roles imaginable to catch criminals and keep the public safe... To have their personal details potentially leaked out into the public domain in this manner, for all to possibly see, will cause colleagues incredible concern and anger. We share that sense of fury … this is a staggering security breach that should never have happened.”

The Met has also said the matter had been reported to the National Crime Agency and the Information Commissioner’s Office (ICO) was also informed.

N. Ireland Police Data Breach

These events follow an admission by the Police Service of Northern Ireland (PSNI) that personal data on all its serving members were wrongly published in response to a freedom of information (FoI) request. Details of about 10,000 PSNI officers and staff included the surname and first initial of every employee, their rank or grade, where they were based and the unit they worked in.

After the PSNI breach was revealed, Norfolk and Suffolk constabulary announced that the personal data of more than 1,000 people, including crime victims, was included in another FoI response

Recently South Yorkshire police referred itself to the ICO after noticing “a significant and unexplained reduction in data stored on its systems”. The force said it was urgently working with experts to recover footage filmed by officers as they attended incidents or engaged with the public, which in some cases could be used as evidence in court.

Guardian:   National News:   Sky:     The Jourmal:     Yahoo:     Image: Mary R Smith

You Might Also Read: 

US Federal Court Court IT Systems Breached:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« AI Is The Next Big Thing For Browser Security  
NIS2 Regulations Are Coming – Are You Ready? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Biscom

Biscom

Biscom offers solutions for secure file transfer, synchronization, file translation, and mobile devices, designed to deliver mission-critical reliability, streamline workflows and reduce costs.

AV Test

AV Test

The AV-TEST Institute is a leading international and independent service provider in the fields of anti-virus research and IT security.

Computer Laboratory - University of Cambridge

Computer Laboratory - University of Cambridge

Computer security has been among the Laboratory’s research interests for many years, along with related topics such as cryptology

Tata Consultancy Services

Tata Consultancy Services

Tata Consultancy Services is a global leader in IT services, consulting & business solutions including cyber security.

DeepCyber

DeepCyber

DeepCyber supports its customers, with an “intelligence-driven” approach, to improve their proactive detection and response "capability" of cyber threats.

RackTop Systems

RackTop Systems

RackTop Systems is the pioneer of CyberConverged data security, a new market that fuses data storage with advanced security and compliance into a single platform.

Eureka Technology Partners

Eureka Technology Partners

Eureka Technology Partners are committed to helping you focus on your business by taking care of your IT infrastructure and data security needs.

boxxe

boxxe

boxxe create flexible IT infrastructures, collaborative global workspaces and data clarity, all underpinned by world-leading security.

Help AG

Help AG

Help AG provides leading enterprise businesses and governments across the Middle East with strategic consultancy combined with tailored information security solutions and services.

CyberLab

CyberLab

CyberLab (formerly Chess) is a specialist cyber security company that provides a wide range of security solutions and services.

Triaxiom Security

Triaxiom Security

Triaxiom Security offers penetration testing, security audits, and strategic consulting customized to meet your needs.

Astrill VPN

Astrill VPN

Astrill VPN is a Seychelles based Virtual Private Network(VPN) Company.

NetRise

NetRise

NetRise was founded as a direct result of the many shortcomings currently in the device security market, specifically targeting the firmware of devices.

Kivera

Kivera

Kivera enforces your organisation governance and security policies across cloud deployments preventing misconfigurations turning into attack vectors.

ConvergePoint

ConvergePoint

ConvergePoint is the leading compliance software provider on the Microsoft Office 365 SharePoint platform.

Halo Security

Halo Security

Halo Security is a fast, easy, and scalable external attack surface management platform that gives security leaders deep visibility into their internet-facing assets.