Two British police forces mistakenly release crime reports with personal data of victims, suspects, witnesses

Paul Godfrey
·3-min read
UPI
The police services in the English counties of Norfolk and Suffolk said Tuesday they had accidentally released hundreds of crime reports with the personal details of 1,230 victims, suspects and witnesses in the second major data breach by British law enforcement in a week. File Photo by Facundo Arrizabalaga/EPA-EFE

Aug. 15 (UPI) -- Two police forces in England said Tuesday that they had accidentally leaked crime reports containing the personal details of more than 1,000 suspects, witnesses and victims of domestic violence, sexual offenses, assaults and thefts.

The data leaks from Norfolk and Suffolk police services affected a "very small percentage" of responses to Freedom of Information requests for crime statistics between April 2021 and March 2022, the two forces said in a joint news release.

"A technical issue has led to some raw data belonging to the constabularies being included within the files produced in response to the FOI requests in question. The data was hidden from anyone opening the files, but it should not have been included.

The data included "personal identifiable information" on victims, witnesses, and suspects, as well as descriptions of crimes which included domestic incidents, sexual offenses, assaults, property theft and breaches of hate laws.

"Strenuous efforts have been made to determine if the data released has been accessed by anyone outside of policing. At this stage we have found nothing to suggest that this is the case."

The forces said they had begun contacting the 1,230 people affected Tuesday, following a comprehensive analysis of the data breach, by letter and phone and in person for the most serious cases and those who may need support with the process expected to take about seven weeks.

Suffolk Police Assistant Chief Constable Eamonn Bridger, who led the investigation on behalf of both forces apologized and said police regretted any concern that the incident may have caused the people the forces serve.

"I would like to reassure the public that procedures for handling FOI requests made to Norfolk and Suffolk constabularies are subject to continuous review to ensure that all data under the constabularies' control is properly protected."

The privacy watchdog, the Information Commissioner's Office, said it was investigating the breach and an earlier incident reported to it in November 2022

"The potential impact of a breach like this reminds us that data protection is about people," said ICO Assistant Commissioner Stephen Bonner.

"It's too soon to say what our investigation will find, but this breach -- and all breaches -- highlights just how important it is to have robust measures in place to protect personal information, especially when that data is so sensitive."

The latest data leak comes a week after the Police Service of Northern Ireland published the personnel files of its entire 10,000 policing and civilian staff online, also due to the botched handling of an FOI request.

Officers, unions and politicians said they feared the information which included surnames and first initials, service number, rank and unit to which they are attached and its location, as well as classified information detailing involvement in surveillance and intelligence, would place police and their families at risk.

On Monday, PSNI Chief Constable Simon Byrne confirmed the information was in the hands of dissident republicans and could be used to "intimidate or target officers and staff."

"We are working round the clock to assess and mitigate this risk," Byrne said but acknowledged republican paramilitaries could use the data to propagate "fear and uncertainty".

The current terrorist threat level in Northern Ireland is "severe", meaning an attack is highly likely. It was raised from "substantial" in March after a senior off-duty police officer was shot by masked gunmen at a sports complex in February.

  • Up next
  • Up next
  • Up next
  • Up next

Latest stories