Police Error Exposes Personal Data Of Crime Victims

Uploaded on 2023-08-19 in GOVERNMENT-Law Enforcement, FREE TO VIEW

Personal data and other information about and relating to victims of crime, witnesses and suspects has been mistakenly released by two police forces in their responses to freedom of information (FOI) requests. 

The Norfolk and Suffolk police force constabularies in England have said that they have mishandled and mistakenly released the sensitive data of victims, witnesses and suspects in cases including domestic abuse incidents, sexual offences, assaults, thefts and hate crime.

The police forces said the data of 1,230 people was included in files responding to freedom of information requests and has apologised.

The Information Commissioner’s Office said both forces had been placed under formal investigation, which could result in them facing fines. In a statement the forces said there was no evidence anyone had clicked on links to read the files.

It is the latest data disaster to hit policing, with blunders being admitted in the last week by the Northern Ireland police service the most serious, which has left officers fearing for their lives.

In a statement, police said: “Norfolk and Suffolk constabularies have identified an issue relating to a very small percentage of responses to freedom of information (FoI) requests for crime statistics, issued between April 2021 and March 2022. “A technical issue has led to some raw data belonging to the constabularies being included within the files produced in response to the FoI requests in question. The data was hidden from anyone opening the files, but it should not have been included... The data impacted was information held on a specific police system and related to crime reports. The data includes personal identifiable information on victims, witnesses and suspects, as well as descriptions of offences. It related to a range of offences, including domestic incidents, sexual offences, assaults, thefts and hate crime.”

Police said 1,230 people were affected and would be contacted by September. A specialist team of officers and staff have been diverted from their normal duties to deal with the data blunder and the fallout.

Assistant Chief Constable of Suffolk Police, Eamonn Bridger, who led the investigation on behalf of both forces, said “We would like to apologise that this incident occurred, and we sincerely regret any concern that it may have caused the people of Norfolk and Suffolk.

Alistair Carmichael MP, Liberal Democrats’ home affairs spokesperson, called on home secretary Suella Braverman to conduct an urgent review of data handling across all police forces. “Two data breaches in less than two months is simply unacceptable,” he said. “These errors can have chilling real-life consequences, and it’s disturbing to think that it is becoming routine.”

Any victims of the data breach will be contacted via letter, phone, and in some cases, face-to-face depending upon what information was impacted and what support is required. 

Suffolk Police:    ITV:    Independent:    Telegraph:   Guardian:    Politico:   Image: Kings Church Inetrnational

You Might Also Read: 

Human Error Is A Hacker's Dream:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« How SMEs Can Achieve Cyber Resilience
US Military Offers A Reward To Satellite Hackers »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CERT-In

CERT-In

CERT-In is a functional organisation of the Ministry of Information & Electronics Technology, Government of India, with the objective of securing Indian cyber space.

OASIS Open

OASIS Open

OASIS Open is where individuals, organizations, and governments come together to solve some of the world’s biggest technical challenges through the development of open code and open standards.

Beame.io

Beame.io

Beame.io is an information security company that distributes open source authentication infrastructure based on encryption.

DocAuthority

DocAuthority

DocAuthority automatically discovers and accurately identifies unprotected, sensitive documents, enabling a broad yet business-friendly security policy.

Secarma

Secarma

Secarma provides penetration testing, security assessments, consultancy, and training services to ensure your digital infrastructure is secure from cybersecurity threats.

TCDI

TCDI

TCDI specializes in computer forensics, eDiscovery and cybersecurity services.

Dynics

Dynics

The Dynics ICS-Defender is an Industrial Control System Security Appliance for OT or OT/IT convergent environments.

AdEPT Technology Group

AdEPT Technology Group

AdEPT are a managed services and telecommunications provider offering award-winning, proven and uncomplicated technical solutions for over 12,000 organisations across the UK.

Datenschutz Schmidt

Datenschutz Schmidt

Datenschutz Schmidt is a service provider with many years of experience, we support you in complying with numerous data protection guidelines, requirements and laws.

Horizon3.ai

Horizon3.ai

Horizon3.ai is a leader in security assessment and validation enabling continuous security overwatch from an attacker’s perspective through our NodeZero SaaS solution.

Coralogix

Coralogix

Coralogix are rebuilding the path to observability using a real-time streaming analytics pipeline that provides monitoring, visualization, and alerting capabilities without the burden of indexing.

Wing Security

Wing Security

Wing fosters a stronger security culture by engaging SaaS end-users and enabling easy communication with security teams.

Stryve

Stryve

Stryve is a leading carbon-neutral provider of specialist cloud and cybersecurity services in Europe.

Securonix

Securonix

Securonix delivers a next generation security analytics and operations management platform for the modern era of big data and advanced cyber threats.

CyberXposure

CyberXposure

CyberXposure has been built by a team comprising of Cyber Security Professionals and SAAS experts in data backup, disaster recovery and cyber-security.

Brightworks Group

Brightworks Group

BrightWorks Group offer comprehensive technology operations and security operations consulting services, tailored to meet your specific needs.