Staff Data Breach: British Police Could Be Fined £750k

Uploaded on 2024-05-24 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW, TECHNOLOGY--Hackers

The Police Service of Northern Ireland (PSNI) could be fined £750,000 for a major data breach last year after mistakenly disclosing the names of all 9,483 serving officers and staff in a spreadsheet published online. It was subsequently confirmed that the information was in the hands of potentially deadly dissident Republicans.  

While the PSNI has said it cannot afford such a fine, however if ir were not a public body, the fine would have been in the millions. The British data regulator, the Information Commissioner's Office (ICO), has announced that the proposed fine could be imposed on the PSNI "for failing to protect the personal information of its entire workforce".

The breach happened when police answered a Freedom of Information request and information was published online about the PSNI's 9,483 policing and civilian employees and the personal information included the surname, initials, rank, and role of all serving PSNI officers and staff.

In provisional findings announced recently, UK Information Commissioner John Edwards said: “The sensitivities in Northern Ireland and the unprecedented nature of this breach created a perfect storm of risk and harm, and show how damaging poor data security can be." He added: “Throughout our investigation, we heard many harrowing stories about the impact this avoidable error has had on people’s lives, from having to move house, to cutting themselves off from family members and completely altering their daily routines because of the tangible fear of threat to life."

The proposed fine is provisional to allow the PSNI to make representations before a final decision.Mr Edwards also revealed that the potential fine could have been £5.6m, but he used discretion to significantly reduce the amount to ensure public money is not diverted from where it is most needed.

The ICO has issued the PSNI with a preliminary enforcement notice requiring the police service to improve the security of personal information when responding to Freedom of Information requests.  

The PSNI  Chief Constable, Jon Boutcher, has previously announced that every PSNI officer and staff member would be offered a one-off payment of £500 to help with home security measures following the data breach. The incident contributed to the resignation of the previous Chief Constable who has now left the force.

ICO   |   Irish News   |   BBC   |   Scottish Legal   |    Personnel Today  |   Computer Weekly   |   Bleeping Computer 

You Might Also Read: 

Another British Police Force Leaks Confidential Data:

___________________________________________________________________________________________

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Time For Cyber Force
Facial Recognition Technology Defects »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

I-Tracing

I-Tracing

I-TRACING are experts in IT security, specialized in legal compliance of information systems, security of information systems, and the collection of digital evidence and traces.

Seclab

Seclab

Seclab is an innovative player in the protection of industrial systems and critical infrastructure against sophisticated cyber attacks.

Center for Long-Term Cybersecurity (CLTC)

Center for Long-Term Cybersecurity (CLTC)

The Center for Long-Term Cybersecurity is developing and shaping cybersecurity research and practice based on a long-term vision of the internet and its future.

Awake Security

Awake Security

Awake Security offer a security solution built on an AI platform that acts like the human brain to sense, detect, and respond to threats you may not even know exist.

Applied Science and Technology Research Institute Company Limited (ASTRI)

Applied Science and Technology Research Institute Company Limited (ASTRI)

ASTRI's mission is to enhance Hong Kong’s competitiveness in technology-based industries through applied research in areas including Security & Data Sciences which encompasses cybersecurity.

Kentik

Kentik

Kentik - one platform for Network Visibility, Performance, and Security.

CyberSheath Services International

CyberSheath Services International

CyberSheath integrates your compliance and threat mitigation efforts and eliminates redundant security practices that don’t improve and in fact might probably weaken your security posture.

Fifosys

Fifosys

Fifosys is a professional technology infrastructure specialist, delivering a broad portfolio of high quality technical and strategic managed services.

Wing Security

Wing Security

Wing fosters a stronger security culture by engaging SaaS end-users and enabling easy communication with security teams.

Ipstack

Ipstack

Ipstack offers one of the leading IP to geolocation APIs and global IP database services worldwide. Protect your site and web application by detecting proxies, crawlers or tor users at first glance.

Custard Technical Services

Custard Technical Services

Custard provide Network Security for all types of businesses across many industries, helping to keep them safe and secure.

IGI Cybersecurity

IGI Cybersecurity

IGI Cybersecurity delivers people-driven cybersecurity for personalized, resilient cyber defense focused on individualized strategy and unshakeable partnership.

Relatech

Relatech

Relatech is a Digital Enabler Solution Knowledge (D.E.S.K.) Company that offers digital services and solutions dedicated to the digital transformation of businesses.

CliffGuard Cybersecurity

CliffGuard Cybersecurity

CliffGuard Cybersecurity deliver comprehensive services designed to protect your organization from the ever-evolving landscape of cyber threats.

AI EdgeLabs

AI EdgeLabs

AI EdgeLabs is a powerful and autonomous cybersecurity AI platform that helps security teams respond immediately to ongoing attacks and protect Edge/IoT infrastructures.

HeroDevs

HeroDevs

HeroDevs is the trusted leader in providing secure, long-term support for deprecated open-source software.