Police Error Exposes Personal Data Of Crime Victims

Uploaded on 2023-08-19 in GOVERNMENT-Law Enforcement, FREE TO VIEW

Personal data and other information about and relating to victims of crime, witnesses and suspects has been mistakenly released by two police forces in their responses to freedom of information (FOI) requests. 

The Norfolk and Suffolk police force constabularies in England have said that they have mishandled and mistakenly released the sensitive data of victims, witnesses and suspects in cases including domestic abuse incidents, sexual offences, assaults, thefts and hate crime.

The police forces said the data of 1,230 people was included in files responding to freedom of information requests and has apologised.

The Information Commissioner’s Office said both forces had been placed under formal investigation, which could result in them facing fines. In a statement the forces said there was no evidence anyone had clicked on links to read the files.

It is the latest data disaster to hit policing, with blunders being admitted in the last week by the Northern Ireland police service the most serious, which has left officers fearing for their lives.

In a statement, police said: “Norfolk and Suffolk constabularies have identified an issue relating to a very small percentage of responses to freedom of information (FoI) requests for crime statistics, issued between April 2021 and March 2022. “A technical issue has led to some raw data belonging to the constabularies being included within the files produced in response to the FoI requests in question. The data was hidden from anyone opening the files, but it should not have been included... The data impacted was information held on a specific police system and related to crime reports. The data includes personal identifiable information on victims, witnesses and suspects, as well as descriptions of offences. It related to a range of offences, including domestic incidents, sexual offences, assaults, thefts and hate crime.”

Police said 1,230 people were affected and would be contacted by September. A specialist team of officers and staff have been diverted from their normal duties to deal with the data blunder and the fallout.

Assistant Chief Constable of Suffolk Police, Eamonn Bridger, who led the investigation on behalf of both forces, said “We would like to apologise that this incident occurred, and we sincerely regret any concern that it may have caused the people of Norfolk and Suffolk.

Alistair Carmichael MP, Liberal Democrats’ home affairs spokesperson, called on home secretary Suella Braverman to conduct an urgent review of data handling across all police forces. “Two data breaches in less than two months is simply unacceptable,” he said. “These errors can have chilling real-life consequences, and it’s disturbing to think that it is becoming routine.”

Any victims of the data breach will be contacted via letter, phone, and in some cases, face-to-face depending upon what information was impacted and what support is required. 

Suffolk Police:    ITV:    Independent:    Telegraph:   Guardian:    Politico:   Image: Kings Church Inetrnational

You Might Also Read: 

Human Error Is A Hacker's Dream:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« How SMEs Can Achieve Cyber Resilience
US Military Offers A Reward To Satellite Hackers »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Infoblox

Infoblox

Infoblox solutions help businesses automate complex network control functions to reduce costs, increase security and maximize uptime.

Italian Association of Critical Infrastructure Experts (AIIC)

Italian Association of Critical Infrastructure Experts (AIIC)

AIIC acts as a focal point in Italy for expertise on the protection of Critical Infrastructure including ICT networks and cybersecurity.

Findings

Findings

Findings (formerly IDRRA) is a scalable AI powered assessment platform that streamlines security compliance across sectors, jurisdictions and regulatory frameworks.

Arc4dia Labs

Arc4dia Labs

Arc4dia have developed SNOW, a cyber security solution to combat the world’s most sophisticated cyber threats.

ReFirm Labs

ReFirm Labs

ReFirm Labs provides the tools you need for firmware security, vetting, analysis and continuous IoT security monitoring.

TechDemocracy

TechDemocracy

TechDemocracy are a trusted, global cyber risk assurance solutions provider whose DNA is rooted in cyber advisory, managed and implementation services.

Networks Unlimited

Networks Unlimited

Networks Unlimited is a leading value-added distributor in Africa, providing technology solutions with a focus on security, networking, enterprise systems management and cloud technologies.

Scarlett Cybersecurity

Scarlett Cybersecurity

Scarlett Cybersecurity provide cybersecurity services to US private and public organizations with specific emphasis on compliance and cybersecurity incident prevention, detection, and response.

INE

INE

INE is a premier provider of Technical Training for the IT industry.

Safetech Innovations

Safetech Innovations

Safetech Innovations is a team of cyber security experts, always at your service. We use human and cyber intelligence to help your business in uncertain times.

FirstWave Cloud Technology

FirstWave Cloud Technology

FirstWave Cloud Technology is a global cyber security company which has been delivering Cybersecurity-as-a-service solutions to the market since 2004.

Skudo

Skudo

Skudo is dedicated to creating innovative best-in-class solutions that protect data exchange with the highest level of security and privacy.

ConnectSecure

ConnectSecure

ConnectSecure (formerly CyberCNS) is a global cybersecurity company that delivers tools to identify and address vulnerabilities and manage compliance requirements.

OneLayer

OneLayer

OneLayer provide enterprise grade security dedicated for private LTE/5G networks. We ensure that the best IoT security toolkit is implemented in your cellular environment.

Rootshell Security

Rootshell Security

Rootshell Security is transforming vulnerability management with its vendor-agnostic Prism Platform and industry-leading offensive security assessments.

PureSoftware

PureSoftware

PureSoftware is a global software products and digital services company that is driving transformation for the world’s top organizations across various industry verticals.