Staff Data Breach: British Police Could Be Fined £750k

The Police Service of Northern Ireland (PSNI) could be fined £750,000 for a major data breach last year after mistakenly disclosing the names of all 9,483 serving officers and staff in a spreadsheet published online. It was subsequently confirmed that the information was in the hands of potentially deadly dissident Republicans.  

While the PSNI has said it cannot afford such a fine, however if ir were not a public body, the fine would have been in the millions. The British data regulator, the Information Commissioner's Office (ICO), has announced that the proposed fine could be imposed on the PSNI "for failing to protect the personal information of its entire workforce".

The breach happened when police answered a Freedom of Information request and information was published online about the PSNI's 9,483 policing and civilian employees and the personal information included the surname, initials, rank, and role of all serving PSNI officers and staff.

In provisional findings announced recently, UK Information Commissioner John Edwards said: “The sensitivities in Northern Ireland and the unprecedented nature of this breach created a perfect storm of risk and harm, and show how damaging poor data security can be." He added: “Throughout our investigation, we heard many harrowing stories about the impact this avoidable error has had on people’s lives, from having to move house, to cutting themselves off from family members and completely altering their daily routines because of the tangible fear of threat to life."

The proposed fine is provisional to allow the PSNI to make representations before a final decision.Mr Edwards also revealed that the potential fine could have been £5.6m, but he used discretion to significantly reduce the amount to ensure public money is not diverted from where it is most needed.

The ICO has issued the PSNI with a preliminary enforcement notice requiring the police service to improve the security of personal information when responding to Freedom of Information requests.  

The PSNI  Chief Constable, Jon Boutcher, has previously announced that every PSNI officer and staff member would be offered a one-off payment of £500 to help with home security measures following the data breach. The incident contributed to the resignation of the previous Chief Constable who has now left the force.

ICO   |   Irish News   |   BBC   |   Scottish Legal   |    Personnel Today  |   Computer Weekly   |   Bleeping Computer 

You Might Also Read: 

Another British Police Force Leaks Confidential Data:

___________________________________________________________________________________________

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

 

« Time For Cyber Force
Facial Recognition Technology Defects »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Skkynet Cloud Systems

Skkynet Cloud Systems

Skkynet is a leader in real-time data systems for the secure management and control of industrial processes (SCADA) and embedded devices (M2M).

Armadillo Sec

Armadillo Sec

Armadillo provide penetration testing and vulnerability assessment services.

QuintessenceLabs

QuintessenceLabs

QuintessenceLabs offers a suite of Data Security technology, products and solutions to secure digital information in-transit, at-rest or in-use.

ITC Secure Networking

ITC Secure Networking

ITC are a leading cloud-based MSSP delivering service innovation in cyber security analytics & cloud technology.

Solana Networks

Solana Networks

Solana Networks is a specialist in IT networking and security.

Cyber Academy

Cyber Academy

Cyber Academy is one of the first institutions in the SE Europe region that provides a hands-on program in cyber security, blockchain and AI.

Envieta

Envieta

Envieta is a leader in cryptographic solutions. From server to sensor, we design and implement powerful security into new or existing infrastructure.

Lifetech

Lifetech

Lifetech is a software development, product engineering and system integration company. Cybersecurity services include SIEM deployment and training.

Dhound

Dhound

Dhound is a cybersecurity company providing web application penetration testing.

Guardian Digital

Guardian Digital

Guardian Digital makes email safe for business. Threat-ready business email protection. Fully supported.

SensCy

SensCy

SensCy is a Trusted Guide for Sensible Cybersecurity for small and medium-sized organizations.

Mobilicom

Mobilicom

Mobilicom is an end-to-end provider of cybersecurity and smart solutions for drones, robotics & autonomous platforms.

Offenso Hackers Academy

Offenso Hackers Academy

At Offenso we focus on cyber security training focused on producing cyber security professionals with a wide range of abilities to counter threats from the internet and cloud to a business.

Cybersecurity Elastic Laboratory (CEL)

Cybersecurity Elastic Laboratory (CEL)

CEL specialize in providing top-tier services in vulnerability diagnosis and penetration testing, offering a comprehensive suite of solutions to mitigate cyber risks.

PlanNet 21 Communications

PlanNet 21 Communications

PlanNet 21 Communications is Ireland most specialised technology solution provider.

SysGroup

SysGroup

SysGroup is an award-winning managed IT services, cloud hosting, and IT consultancy provider.