View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
August 18, 2023

Man arrested over PSNI data breach

The police continue to investigate the incident, which saw leaked data fall into the wrong hands.

By Claudia Glover

A man has been arrested in relation to the loss of personal information of approximately 10,000 employees of the Police Service of Northern Ireland (PSNI). The suspect has now been released on bail, to allow for further police enquiries.

A man has been arrested in relation to PSNI data breach. (Photo by Mick Harper/Shutterstock)

News of the arrest comes after the Cumbria police force became the fourth UK police force in a matter of weeks to leak confidential information online. Human error was cited as the cause of the breach.  

Man arrested over data breach at the PSNI

Following last week’s data breach at the PSNI, a man was detained and questioned by detectives at Musgrave Serious Crime Unit in Belfast and later to be released on bail. The 39-year-old was arrested on Wednesday on suspicion of collecting information likely to be useful to terrorists, by detectives investigating the leak, during a search in Lurgan, County Armagh. 

The data was mistakenly posted online in response to a routine Freedom of Information (FoI) request. While it was only available for a matter of hours, this was enough time for the information to fall into the wrong hands. Days after the breach was announced, a statement was released by the PSNI confirming that the workforce data had been accessed by dissident Republicans, who may use to “generate fear and uncertainty, as well as intimidating or targeting officers and staff,” according to the police force.

As reported by Tech Monitor, the data has already been used to try to intimidate a member of the Legislative Assembly (MLA) and Policing Board member Gerry Kelly. Printouts of the illicit information were posted on a wall opposite the Sinn Féin offices.

The leak has led many of those affected to worry about their safety. Some officers had chosen to keep their employment by the PSNI a secret due to political tensions in the region. “We operate in an environment, at the moment, where there is a severe threat to our colleagues from Northern Ireland-related terrorism,” assistant chief constable Chris Todd told the BBC. Up to 3,000 officers have reportedly come forward expressing interest in legal action following the breach.

Detective Chief Superintendent Andy Hill said the force is “working tirelessly to address the risk posed to officers and staff” and said the arrest was “just one piece of a large-scale operation”. Hill said: “We will continue in our efforts to disrupt criminal activity associated with this freedom of information data breach and to keep communities, and our officers and staff who serve them, safe.”

Content from our partners
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester
Infosecurity Europe 2024: Rethink the power of infosecurity

Cumbria police hit with data breach

This week Cumbria also admitted to a data breach, revealing that names, salaries and allowances of all Cumbria police force employees were posted to its website on March 6.

A spokesperson said: “Cumbria constabulary became aware of a data breach on March 6, where information about pay and allowances of every police officer and police staff role was uploaded to the Constabulary’s website, which was a human error.”

The information was removed immediately after the breach was identified. The spokesperson added that “Cumbria Constabulary immediately contacted every affected person about the data breach, explaining that the impact of this breach was low and the measures the constabulary had put in place to manage the breach and to prevent it happening again.”

The breach was referred to the Information Commissioner’s Office (ICO), which said no further action was necessary.

This comes in the same week as Norfolk and Suffolk police forces admitted to a data leak from a joint database, leading to personal information up to 1,230 employees of both constabularies being accidentally released alongside data requested as part of an FoI request.

Read more: NCSC extends Cyber Incident Response scheme

Topics in this article :
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU