LAST UPDATE | 8 Aug 2023
THE POLICE SERVICE of Northern Ireland (PSNI) has apologised after information about all of the force’s serving officers and staff was published in a data breach.
At a press conference in Belfast, PSNI Assistant Chief Constable Chris Todd said the surname, initial, the rank or grade, the location and the departments of all current officers had been accidentally published in response to a Freedom of Information (FOI) request.
Todd said the PSNI data had been available to the public for around two and a half to three hours before being removed.
“We believe it was uploaded about 2.30pm this afternoon. It came to my attention as the senior information risk owner at about 4pm this afternoon, with the co-operation of the host provider it was taken down within the hour,” said Todd.
He added: “I was the first person at command level to be made aware of this. It was brought to my attention by colleagues within the service.
“As soon as we confirmed it, we got in touch with the host provider and ensured that the information was taken down, and initiated an investigation for the Information Commissioner.”
Todd said there is “nothing at the moment to suggest there’s any immediate security concerns”.
He added that the PSNI has “put actions in place to ensure that if anything does arise we will be aware of that, and then we can mitigate accordingly”.
The Assistant Chief Constable said the breach was caused by “human error”.
“We’ve looked into the circumstances, we’ll continue with our investigation, but the very early considerations are that this is simple human error and the people who have been involved in the process have acted in good faith.
“We’ve identified some steps that we can take to ensure that it doesn’t happen again.
“It is regrettable but it is simple human error.”
Todd told reporters in Belfast that PSNI Chief Constable Simon Byrne is aware of the issue.
He said: “The Chief Constable is aware. I’m the duty officer and I’m the senior information risk owner, so I take responsibility for this.”
When asked if Byrne would be coming back from his summer break, Todd said: “I can’t speak on behalf of the chief constable, but he is certainly aware of this situation as it’s developed today.”
Elsewhere, Liam Kelly, chair of the Police Federation for Northern Ireland (PFNI), described the security breach of officers’ details by the PSNI as “monumental”.
Kelly said an urgent inquiry is required and that members of the PFNI are “appalled”.
“This is a breach of monumental proportions. Even if it was done accidentally, it still represents a data and security breach that should never have happened,” he said.
“The men and women I represent are appalled by this breach. They are shocked, dismayed and justifiably angry. Like me, they are demanding action to address this unprecedented disclosure of sensitive information.
“We have many colleagues who do everything possible to protect their police roles.
“Inadequate or poor oversight of FOI procedures must be addressed and addressed urgently. New safeguards are obviously required to prevent this from ever happening again.”
The Northern Ireland Secretary has said he is “deeply concerned” about the data breach.
Writing on Twitter, Chris Heaton-Harris said: “I’m deeply concerned by the data breach involving the PSNI.
“My officials are in close contact with senior officers and are keeping me updated.”
I’m deeply concerned by the data breach involving the PSNI.
— Chris Heaton-Harris MP (@chhcalling) August 8, 2023
My officials are in close contact with senior officers and are keeping me updated.
The UUP representative on the Policing Board of Northern Ireland, MLA Mike Nesbitt, has questioned why there was “no ‘fail safe’ mechanism to prevent this information being uploaded”.
He added: “There is the question of whether it was a genuine mistake and, here, the principle of innocent until proven guilty applies.
“I view this like a serious incident when people are seriously physically injured. The priority is to assist the injured. Only after that do you turn to examine the other issues.
“In other words, my thoughts are with those whose names have been released into the public domain, who had a reasonable expectation this would never happen.”
Alliance Party leader and former Justice Minister Naomi Long said that the scale of the data breach was of “profound concern”.
SDLP policing spokesman Mark H Durkan said PSNI Chief Constable Simon Byrne needed to make an “urgent statement about the scale of the breach”, outlining how it happened and the immediate response to it.
The DUP’s Policing Board representative, MLA Trevor Clarke, said the extent of the data breach in the PSNI is “unprecedented”.
“The public will be rightly seeking answers and they deserve to see a robust response from the PSNI senior command.
“Any data breach is unacceptable, but more so when it discloses personal information identifying rank and file officers. The scale of this breach seems unprecedented.
“This not only jeopardises the safety of officers, but will further undermine morale within the organisation at a time when staff are holding the line amid unprecedented budget cuts.”
To embed this post, copy the code below on your site
have your say