Thousands of Metropolitan Police officers and support staff have been urged to “remain vigilant” after an IT system containing their personal details was hacked. It is the latest in a string of data breaches involving police forces.
The Met said it had been made aware of “unauthorised access to the IT system of one of its suppliers”. The company in question had access to names, ranks, photos, vetting levels and pay numbers for officers and staff, but did not hold personal information such as addresses, phone numbers or financial details, the force said.
A spokesman for the force was unable to say when the breach occurred. However, Scotland Yard is now working with the company to understand if there has been any security breach relating to its data.
The Met has taken “security measures” as a result. And the matter has been reported to the National Crime Agency – and the Information Commissioner’s Office (ICO) is also aware, the Met said.
All its 47,000 personnel were reportedly warned of the risk their photos, names and ranks had been stolen and been urged to “remain vigilant”. One former Met Police Commander said the data breach was “utterly outrageous.”
John O’Connor said the beach could have a number of security and safety implications for the force and its officers and staff. He told The Sun: “Anyone using these details to produce a warrant card or pass could gain access to a police station or secure area.
“There is also a huge concern that photographs of police working on undercover units, surveillance or in sensitive areas like counter-terrorism could fall into the wrong hands. This data breach has put safety of police at risk and questions need to be asked about why IT security of this company was so slapdash.”
It follows an admission by the Police Service of Northern Ireland (PSNI) that personal data on all its serving members was mistakenly published in response to a Freedom of Information (FOI) request.
Details of around 10,000 PSNI officers and staff included the surname and first initial of every employee, their rank or grade, where they are based and the unit they work in. After the PSNI breach was revealed, Norfolk and Suffolk Police announced the personal data of more than 1,000 people – including crime victims – was included in another FOI response.
On Wednesday, South Yorkshire Police referred itself to the ICO after noticing “a significant and unexplained reduction in data stored on its systems”.
The force said it is now urgently working with experts to recover footage filmed by officers as they attended incidents or engaged with the public and which, in some cases, could be used as evidence in court.
