:quality(70)/cloudfront-eu-central-1.images.arcpublishing.com/irishtimes/DDREB3C65335UUAETXMF65RMAY.jpg)
The Police Service of Northern Ireland (PSNI) has apologised after information about all of the force’s serving officers and staff was published in a data breach.
At a press conference in Belfast, PSNI assistant chief constable Chris Todd said the surname, initial, the rank or grade, the location and the departments of all current officers had been accidentally published in response to a Freedom of Information (FOI) request.
Mr Todd said: “In terms of the security for individuals, there’s nothing at the moment to suggest there’s any immediate security concerns, but we have put actions in place to ensure that if anything does arise we will be aware of that, and then we can mitigate accordingly.”
He added: “This is human error.
:quality(70)/cloudfront-eu-central-1.images.arcpublishing.com/irishtimes/S4NOS3UTDJD7BNRWQNOJWERW74.png)
:quality(70)/cloudfront-eu-central-1.images.arcpublishing.com/irishtimes/JUMZ44RWNOOQ3KEW5INRDWTWLA.jpg)
:quality(70)/cloudfront-eu-central-1.images.arcpublishing.com/irishtimes/A43MEHPPBCVPA2NRTIFM33UHUQ.jpg)
:quality(70):focal(1812x1232:1822x1242)/cloudfront-eu-central-1.images.arcpublishing.com/irishtimes/BEVKT5KA6BH3ZPCTCP7EGOFN4A.jpg)
“We’ve looked into the circumstances, we’ll continue with our investigation, but the very early considerations are that this is simple human error and the people who have been involved in the process have acted in good faith.
“We’ve identified some steps that we can take to ensure that it doesn’t happen again.
“It is regrettable but it is simple human error.”
Mr Todd said that sign-off is needed on some FOI requests but as this release should not have contained sensitive data, it did not meet that requirement.
“There are steps and measures that we take to sign off releases through Freedom of Information requests,” he said.
“They differ in different circumstances.
“Because the data shouldn’t have been sensitive, it should have just been numbers of officers and staff at every rank and grade, it only required a certain level of sign-off.
“Regrettably, those measures were not sufficient for all the people in the chain to identify that embedded in what seemed like a very innocent and sensible release was further source data.
Alliance leader Naomi Long MLA has said the scale of the PSNI data breach reported on Tuesday evening is concerning and said immediate action must be taken.
“This level of data breach is clearly of profound concern, not least to police officers, civilian staff and their families, who will be feeling incredibly vulnerable and exposed tonight, and in the days ahead,” she said.
“Immediate action must be taken to offer them proper information, support, guidance and necessary reassurances regarding their and their families’ security.
“Whilst the personal data has now been removed, once such information has been published online, it leaves an indelible footprint.
“That such sensitive information could ever have been held in a manner open to such a breach is unconscionable and will require serious investigation; however, the most urgent issue is supporting those whose security has been compromised.”
The former justice minister added: “Alliance representatives on the policing board are seeking an urgent meeting of the board to be convened with PSNI senior management team to address this unprecedented security breach.”
SDLP policing spokesman Mark H Durkan said PSNI chief constable Simon Byrne needed to make an “urgent statement about the scale of the breach”, outlining how it happened and the immediate response to it.
The UUP representative on the policing board of Northern Ireland MLA Mike Nesbitt has called for an emergency meeting of the policing board.
In response to the leak of the personal data of thousands of officers on Tuesday evening, Mr Nesbitt said it must be seen the breach is being taken seriously by the police.
“It is imperative that officers, staff and their families and friends understand how seriously this breach is being taken, and that the board is determined to fulfil its oversight and challenge functions appropriately,” he said.
“There are several issues here. First, ensuring those who now feel themselves at risk are given a realistic assessment of the implications of the data breach.
“Second, why was there no ‘fail safe’ mechanism to prevent this information being uploaded.
“Third, there is the question of whether it was a genuine mistake and, here, the principle of innocent until proven guilty applies.
“I view this like a serious incident when people are seriously physically injured. The priority is to assist the injured. Only after that do you turn to examine the other issues.
“In other words, my thoughts are with those whose names have been released into the public domain, who had a reasonable expectation this would never happen.”
Liam Kelly, chair of the Police Federation for Northern Ireland (PFNI), has described a potential big security breach of officers’ details by the PSNI as “monumental”.
Mr Kelly has said an urgent inquiry is required and that members of the PFNI are “appalled”.
“This is a breach of monumental proportions. Even if it was done accidentally, it still represents a data and security breach that should never have happened,” he said. – PA