Met Police: major data leak risks exposing identities and operations
A 'staggering' failure says Metropolitan Police Federation vice chair
The Metropolitan Police force has suffered a significant data breach after hackers infiltrated a supplier responsible for printing warrant cards and passes.
The Metropolitan Police force has suffered a significant data breach after hackers infiltrated a supplier responsible for printing warrant cards and passes.
The unnamed contractor had access to sensitive data including names, ranks, vetting levels, identification numbers and photos of almost all the Force's 47,000 employees. It is not yet known how many were affected by the breach, but all staff have been notified about the incident.
Addresses, phone numbers and financial information were not accessed, according to the Met. However, the leaked data still contained information that could compromise the identities and operations of undercover officers, counter-terrorism units, and those with special duties.
Officers from ethnic minorities have expressed fears that their "unusual" names could make them easier to identify and trace.
Metropolitan Police Federation vice chair Rick Prior said the leakage of such personal data into the public domain will cause "incredible concern and anger" among personnel.
He described the breach as a "staggering" failure that should never have occurred.
"We share that sense of fury... this is a staggering security breach that should never have happened," Prior said, as reported by Sky News.
"Given the roles we ask our colleagues to undertake, significant safeguards and checks and balances should have been in place to protect this valuable personal information which, if in the wrong hands, could do incalculable damage.
"The men and women I represent are justifiably disgusted by this breach. We will be working with the force to mitigate the dangers and risks that this disclosure could have on our colleagues. And will be holding the Metropolitan Police to account for what has happened."
A Met spokesperson said the ICO and the National Crime Agency had been informed, amidst fears that the leaked data could be exploited by organised crime or even terrorist groups.
With some of its most sensitive operations now potentially compromised, the force is on high alert as it works to determine the full extent of the breach.
The incident follows several security breaches affecting UK police forces
The Police Service of Northern Ireland issued an apology earlier this month after it inadvertently disclosed the last names, initials, ranks or positions, work sites and departments of nearly 10,000 officers and civilian staff members. A man was later arrested on suspicion of gathering information potentially beneficial to terrorists.
A week after the disclosure by the PSNI, Norfolk and Suffolk police forces said that they had also accidentally leaked sensitive data including names, addresses and dates of birth of victims, witnesses and suspects.
In the same week, Cumbria Police acknowledged a data breach that led to the online exposure of names and salaries for its staff. This incident affected a total of 1,304 police officers, 756 staff members, and 52 police community support officers.
Urgent calls are being made for improved security measures and training across police forces to prevent similar failures in the future.