Staff Data Breach: British Police Could Be Fined £750k

The Police Service of Northern Ireland (PSNI) could be fined £750,000 for a major data breach last year after mistakenly disclosing the names of all 9,483 serving officers and staff in a spreadsheet published online. It was subsequently confirmed that the information was in the hands of potentially deadly dissident Republicans.  

While the PSNI has said it cannot afford such a fine, however if ir were not a public body, the fine would have been in the millions. The British data regulator, the Information Commissioner's Office (ICO), has announced that the proposed fine could be imposed on the PSNI "for failing to protect the personal information of its entire workforce".

The breach happened when police answered a Freedom of Information request and information was published online about the PSNI's 9,483 policing and civilian employees and the personal information included the surname, initials, rank, and role of all serving PSNI officers and staff.

In provisional findings announced recently, UK Information Commissioner John Edwards said: “The sensitivities in Northern Ireland and the unprecedented nature of this breach created a perfect storm of risk and harm, and show how damaging poor data security can be." He added: “Throughout our investigation, we heard many harrowing stories about the impact this avoidable error has had on people’s lives, from having to move house, to cutting themselves off from family members and completely altering their daily routines because of the tangible fear of threat to life."

The proposed fine is provisional to allow the PSNI to make representations before a final decision.Mr Edwards also revealed that the potential fine could have been £5.6m, but he used discretion to significantly reduce the amount to ensure public money is not diverted from where it is most needed.

The ICO has issued the PSNI with a preliminary enforcement notice requiring the police service to improve the security of personal information when responding to Freedom of Information requests.  

The PSNI  Chief Constable, Jon Boutcher, has previously announced that every PSNI officer and staff member would be offered a one-off payment of £500 to help with home security measures following the data breach. The incident contributed to the resignation of the previous Chief Constable who has now left the force.

ICO   |   Irish News   |   BBC   |   Scottish Legal   |    Personnel Today  |   Computer Weekly   |   Bleeping Computer 

You Might Also Read: 

Another British Police Force Leaks Confidential Data:

___________________________________________________________________________________________

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

 

« Time For Cyber Force
Facial Recognition Technology Defects »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Aurec

Aurec

Aurec provides specialist recruitment and contracting services including ICT professionals.

Team Cymru Research NFP

Team Cymru Research NFP

Team Cymru Research is a group of technologists passionate about making the Internet more secure and dedicated to that goal.

ENEA Qosmos Division

ENEA Qosmos Division

Qosmos, a division of Enea, leads the market for IP traffic classification and network intelligence technology used in physical, SDN and NFV architectures.

Swimlane

Swimlane

Swimlane is a leader in security automation and orchestration (SAO). Our platform empowers organizations to manage, respond and neutralize cyber threats with adaptability, efficiency and speed.

Riddle&Code

Riddle&Code

Riddle&Code is a product-led services company specializing in onboarding industries to Web3. The team's mission is to provide a trusted connection between the digital and physical worlds.

CyberMDX

CyberMDX

CyberMDX delivers proactive security built for hospital devices. 360° visibility, insight, and protection for all connected hospital technologies.

Leidos

Leidos

Leidos is a recognized leader in cybersecurity across the federal government, bringing more than a decade of experience defending cyber interests globally.

VISTA InfoSec

VISTA InfoSec

VISTA InfoSec is a global Information Security Consulting firm with offices based in US, UK, Singapore and India.

Swissbit

Swissbit

Swissbit AG is the leading European manufacturer of storage, security and embedded IoT solutions for demanding applications.

Gotham Digital Science (GDS)

Gotham Digital Science (GDS)

Gotham Digital Science is an international security services company specializing in Application and Network Infrastructure security, and Information Security Risk Management.

Ontinue

Ontinue

Ontinue ION is an MXDR service that provides Nonstop SecOps through five key capabilities that enable your organization to respond to attacks and continuously reduce risk.

Mobb

Mobb

Mobb's AI-powered technology automates vulnerability remediations to significantly reduce security backlogs and free developers to focus on innovation.

V2X

V2X

V2X delivers IT support, networking, and cybersecurity solutions that ensure optimal mission support and performance.

Cypfer

Cypfer

CYPFER is a global market leader in ransomware post-breach remediation and cyber-attack first response.

ABPGroup

ABPGroup

ABPGroup is Asia’s leading cybersecurity technology provider focusing on providing best-of-breed solutions that address today’s pressing challenges.

Inroad Technologies

Inroad Technologies

Inroad Technologies provide IT services that help keep your business computers, servers and networks secure and trouble-free.