Police Error Exposes Personal Data Of Crime Victims

Uploaded on 2023-08-19 in GOVERNMENT-Law Enforcement, FREE TO VIEW

Personal data and other information about and relating to victims of crime, witnesses and suspects has been mistakenly released by two police forces in their responses to freedom of information (FOI) requests. 

The Norfolk and Suffolk police force constabularies in England have said that they have mishandled and mistakenly released the sensitive data of victims, witnesses and suspects in cases including domestic abuse incidents, sexual offences, assaults, thefts and hate crime.

The police forces said the data of 1,230 people was included in files responding to freedom of information requests and has apologised.

The Information Commissioner’s Office said both forces had been placed under formal investigation, which could result in them facing fines. In a statement the forces said there was no evidence anyone had clicked on links to read the files.

It is the latest data disaster to hit policing, with blunders being admitted in the last week by the Northern Ireland police service the most serious, which has left officers fearing for their lives.

In a statement, police said: “Norfolk and Suffolk constabularies have identified an issue relating to a very small percentage of responses to freedom of information (FoI) requests for crime statistics, issued between April 2021 and March 2022. “A technical issue has led to some raw data belonging to the constabularies being included within the files produced in response to the FoI requests in question. The data was hidden from anyone opening the files, but it should not have been included... The data impacted was information held on a specific police system and related to crime reports. The data includes personal identifiable information on victims, witnesses and suspects, as well as descriptions of offences. It related to a range of offences, including domestic incidents, sexual offences, assaults, thefts and hate crime.”

Police said 1,230 people were affected and would be contacted by September. A specialist team of officers and staff have been diverted from their normal duties to deal with the data blunder and the fallout.

Assistant Chief Constable of Suffolk Police, Eamonn Bridger, who led the investigation on behalf of both forces, said “We would like to apologise that this incident occurred, and we sincerely regret any concern that it may have caused the people of Norfolk and Suffolk.

Alistair Carmichael MP, Liberal Democrats’ home affairs spokesperson, called on home secretary Suella Braverman to conduct an urgent review of data handling across all police forces. “Two data breaches in less than two months is simply unacceptable,” he said. “These errors can have chilling real-life consequences, and it’s disturbing to think that it is becoming routine.”

Any victims of the data breach will be contacted via letter, phone, and in some cases, face-to-face depending upon what information was impacted and what support is required. 

Suffolk Police:    ITV:    Independent:    Telegraph:   Guardian:    Politico:   Image: Kings Church Inetrnational

You Might Also Read: 

Human Error Is A Hacker's Dream:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« How SMEs Can Achieve Cyber Resilience
US Military Offers A Reward To Satellite Hackers »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Duane Morris LLP

Duane Morris LLP

Duane Morris is a global law firm with offices in the USA, UK and Asia. Practice areas include Cybersecurity.

Teradata

Teradata

Teradata is a leading provider of enterprise big data analytics and services. Applications include Cyber Security Analytics.

Applicure Technologies

Applicure Technologies

Applicure Technologies develops the leading multi-platform web application security software products to protect web sites and web applications from external and internal attacks.

Brit

Brit

Brit PLC is a market-leading global specialty insurer and reinsurer, focused on underwriting complex risks including cyber, privacy and technology.

Lynxspring

Lynxspring

Lynxspring provides edge-to-enterprise solutions and IoT technology for intelligent buildings, energy management, equipment control and specialty machine-to-machine applications.

SecureNinja

SecureNinja

SecureNinja provides professional training, certifications & professional services related to all facets of Information Technology and Cyber Security.

Comarch

Comarch

Comarch is a provider of IT business solutions to optimize operational and business processes. Cyber security solutions are focused on Identity Management and Security Assessment services.

BlueFiles

BlueFiles

BlueFiles enables users to send encrypted files securely while maintaining full control over recipients, access periods, downloads, and printing.

Wizlynx PTE LTD

Wizlynx PTE LTD

Wizlynx PTE LTD is the Singapore branch of Wizlynx Group located in Singapore, offering Information and Cyber Security Services throughout the entire Asia Pacific (APAC) region.

Pipeline Security

Pipeline Security

Pipeline is a leader in cybersecurity, offering comprehensive services to protect organizations from evolving threats.

Centre for Multidisciplinary Research, Innovation & Collaboration (C-MRiC)

Centre for Multidisciplinary Research, Innovation & Collaboration (C-MRiC)

C-MRiC collaborates on initiatives, ranging from national cyber security, enterprise security, information assurance, protection strategy, climate control to health and life sciences.

Zephyr Project

Zephyr Project

The Zephyr Project strives to deliver the best-in-class RTOS for connected resource-constrained devices, built to be secure and safe.

Commission Nationale de l'Informatique et des Libertés (CNIL)

Commission Nationale de l'Informatique et des Libertés (CNIL)

The mission of CNIL is to protect personal data, support innovation, and preserve individual liberties.

Fivecast

Fivecast

Fivecast is enabling a safer world. We help organizations around the world explore masses of data to uncover actionable insights.

Anjolen

Anjolen

Anjolen provides expertise in cybersecurity, compliance and cyber forensic services.

RKON

RKON

RKON Technologies provides managed IT and cybersecurity services to organizations across various industries, helping businesses mitigate risks and secure their digital infrastructures.