Shropshire Star

Eight people cited data breach as they left PSNI, Policing Board told

Details of almost 10,000 officers and staff in the Police Service of Northern Ireland were released last August.

Published
Last updated

Eight people have cited a major data breach by the Police Service of Northern Ireland (PSNI) as one of their reasons for leaving the service, the deputy chief constable has said.

Personal details of almost 10,000 officers and staff were inadvertently released last August in an incident that left many fearing for their safety.

It came as a spreadsheet released as part of a freedom-of-information request held hidden data with the initials, surname, rank and role of all 9,483 PSNI officers and staff.

Police later said the information had got into the hands of dissident republicans.

In the aftermath of the leak, some officers chose to relocate their homes, cut contact with family members and change daily routines.

The PSNI was fined £750,000 for an “egregious” data breach by the Information Commissioner’s Office (ICO).

Meanwhile, thousands of officers and staff are pursing legal action against the PSNI over the breach.

Chief Constable Jon Boutcher told the Northern Ireland Policing Board on Thursday that very few organisations could or would have responded with the swift, robust measures put in place by the PSNI to devalue and recover the information.

Acting Deputy Chief Constable Chris Todd updated the board on progress towards recommendations made following the breach.

He said about 9,500 colleagues were directly impacted and that senior officers worked immediately to have the data removed from the internet and worked late into the night to offer welfare support and security to those concerned.

Over the next weeks and months, he said 4,000 colleagues asked for support, special arrangements had to be made for 75 and 90% of the workforce took up a universal offer of £500 for required security measures.

He added that the impact on the officers and staff should not be underestimated.

“We do know, as a result of interviews on exit, that there are eight people at least in the organisation who referenced the impact of the data breach at the point that they decided they would leave the organisation,” he said.

Acting Deputy Chief Constable Chris Todd speaks to the media
Acting Deputy Chief Constable Chris Todd appeared before the Policing Board (Liam McBurney/PA)

Sinn Fein MLA Gerry Kelly questioned whether the number could be higher.

Mr Todd responded: “There’s eight that have specifically said so.

“So, when anybody retires or resigns, they are invited to have an exit interview. Not everybody agrees to that or accepts that or wants that, so there might be some people who have not had exit interviews because they didn’t want to have an exit interview who haven’t had the chance to tell us precisely why, so there could be potentially others, but certainly there are eight who did have an exit interview who said that ‘part of the reason why I’ve left is because of the impact of the data breach’,” he said.

Mr Todd also outlined other actions, such as devaluing the leaked data to render it useless to those who would wish to cause harm, which included changing the service numbers.

He said there were 967 attempts to access the data tracked to 221 IP addresses which were investigated with the help of agencies such as the NCA and GCHQ as well as international agencies such as the FBI.

The ICO said it had been the most significant data breach in the history of UK policing, not only due to the data but the context of Northern Ireland and threat to officers.

It made 37 recommendations, of which Mr Todd said 18 are now completed, good progress has been made on eight, some progress has been made on ten and one has not been progressed.

Mr Todd said the one that has not been progressed is the replacement of system, which he said was down to financial constraints.

Sorry, we are not accepting comments on this article.