- Metropolitan Police Investigating Potential Data Breach
- Concerns Over Officers’ Information Compromise
- Ethnic Minority Officers’ Heightened Concerns
The Metropolitan Police is investigating a data breach after “unauthorised access” to one of its vendors’ systems.
The force stated that the company held officers’ and employees’ names, ranks, photos, vetting levels. And pay information and that it was attempting to determine what data, if any, had been accessed.
It stated that additional “security measures” had been implemented.
According to the force’s staff association, the violation will cause “concern and anger.”
A Met spokesperson was unable to say when the intrusion occurred or how many employees may have been affected. However, the company in question did not store personal information such as addresses, phone numbers, or financial information.
The National Crime Agency (NCA) and the information commissioner have been notified about the incident.
Rick Prior, vice chair of the Metropolitan Police Federation, which represents more than 30,000 officers in the force, stated that any compromised information could “do incalculable damage” in the wrong hands.
As we speak, Metropolitan Police officers are out on the streets of London performing some of the most difficult and dangerous jobs imaginable to apprehend criminals and protect the public,” he said.
“Colleagues will be extremely alarmed and enraged if their private information is potentially released into the public domain in this way, where anyone could potentially view it.
“We will work with the force to mitigate the dangers and risks posed to our colleagues by this disclosure.”
“And we will hold the Metropolitan Police accountable for this incident.”
Former Met Chief Superintendent Dal Babu also stated that ethnic minority officers may be more concerned about the breach.
Mr. Babu, one of the UK’s most senior ethnic minority police officers, said, “If you’re from a minority background and your name has been obtained by a criminal network, they’re more likely to be able to find you because those names are uncommon and it’s easier to find on the internet where you are, what you’re doing.”
“However, if you have a name, such as John Smith, you could be one of thousands of John Smiths,” he continued.
He went on to say that some officers would be concerned about the data compromise, citing the hypothetical case of an ethnic minority officer with an unusual name who could be working in counter-terrorism or undercover and could be more easily identified.
A spokesperson for the NCA stated that the organization was “aware of the cyber incident” and was “collaborating with law enforcement partners to determine the impact.”
The breach occurred just weeks after the Police Service of Northern Ireland (PSNI) acknowledged it had inadvertently disclosed the personal information of all 10,000 of its employees.
In response to a Freedom of Information (FOI) request, the force disclosed the surname and first initial of all police and civilian personnel, their rank or grade, where they were based, and their unit.
In response to a FOI request, Norfolk and Suffolk Police erroneously disclosed information about more than 1,200 individuals, including crime victims and witnesses.
South Yorkshire Police referred itself to the information commissioner last week following “a significant and unexplained reduction” in data such as bodycam footage stored on its systems, a loss that could impact 69 cases, according to the department.