A potentially catastrophic mistake has resulted in the names of ALL police and civilian personnel, where they were based and their roles being put online.
Police officers in Northern Ireland are “shocked, dismayed and basically angry” after a major data breach saw personal and employment data published online.
The Police Service of Northern Ireland (PSNI) apologised on Tuesday after it emerged that some 10,000 officers and staff were affected.The incident happened when the PSNI responded to a Freedom of Information request seeking the number of officers and staff of all ranks and grades across the organisation.
In the published response to this request a table was embedded which contained the rank and grade data, but also included detailed information that attached the surname, initial, location and departments for all PSNI employees.
As you can imagine PSNI staff are not best pleased:
Our Chair, Liam Kelly said this is a breach of monumental proportions and the officers we represent are appalled, shocked and angry. They want action to ensure this never happens again. @NIPolicingBoard @Justice_NI @PoliceServiceNI Read in full: https://t.co/uOmnvLneNM
— Police Federation for Northern Ireland (@PoliceFedforNI) August 8, 2023
As well as the obvious mistake of putting the data online, there should be questions asked about how many people internally in the PSNI have access to such a huge dataset.
I have worked all my life in IT and I know from experience that people are extremely complacent about data, most people do not understand IT and they ‘leave it to the techies’. I have clients give me full access to all email, files and customer data without giving it a second thought. Now I am a trustworthy sort who would never abuse that trust but you could see how people with malicious intent can quite easily gain access to massive amounts of information.
I also have a certain amount of sympathy for the poor sod who made the mistake. It is really easy in IT to attach the wrong file or not fully check the contents of a file before you send it. More than once I have taken Slugger offline with a wrong click, but obviously the repercussions of this mistake are of a considerable magnitude greater than any normal run-of-the-mill IT problems.
Also, it should be noted that the important thing is the data breaches you don’t hear about, they are a lot more common than people imagine as organisations hush them up or often they are not even aware a breach has taken place. I expect the Information Commissioner’s Office will be all over this one.
I can recommend The Checklist Manifesto to any manager looking to implement systems to reduce mistakes and errors.
"It is regrettable, but it is simple human error."
Assistant Chief Constable Chris Todd apologises after a data breach exposed information relating to "every police officer and member of police staff" working for PSNI.
Latest: https://t.co/i82VkmsQwL
📺 Sky 501 and Virgin 602 pic.twitter.com/K6Wtd2cBEI
— Sky News (@SkyNews) August 8, 2023
I help to manage Slugger by taking care of the site as well as running our live events. My background is in business, marketing and IT. My politics tend towards middle-of-the-road pragmatism, I am not a member of any political party. Oddly for a member of the Slugger team, I am not that interested in daily politics, preferring to write about big ideas in society. When not stuck in front of a screen, I am a parkrun Run Director.
Discover more from Slugger O'Toole
Subscribe to get the latest posts sent to your email.