Why The Data Breaches Within The Northern Ireland Police Force Are So Dangerous

Police have now revealed two separate incidents which put the safety of their staff at risk.
Police Service of Northern Ireland Chief Constable Simon Byrne has returned early from his family holiday to deal with the data breaches.
Police Service of Northern Ireland Chief Constable Simon Byrne has returned early from his family holiday to deal with the data breaches.
Liam McBurney - PA Images via Getty Images

Two separate data breaches have sparked serious concerns for the safety of anyone working Northern Ireland’s police force.

The second occasion, which occurred on Tuesday, has been declared a “critical incident” by the Police Service of Northern Ireland (PSNI) – here’s what you need to know.

What happened?

The first worrying incident happened when documents, said to contain a spreadsheet with the names of more than 200 serving officers and staff, were removed from a private vehicle on July 6, along with a police issue laptop and radio in Belfast.

Although this happened a month ago, this only came to light on Wednesday.

The second worrying event occurred on Tuesday.

PSNI accidentally released personal details of all 10,000 of its staff members – including surnames, initials, ranks or grades, work locations and departments, although their private addresses were not included.

The information was released in a Freedom of Information request and left up online for up to three hours.

Police have already apologised, and the force’s chief constable Simon Byrne is returning early from a family holiday to deal with it.

“"This is an extremely serious situation.””

- ACC Chris Todd

He is expected to field further questions about the crisis when he sees the body overseeing policing in Northern Ireland later.

Assistant chief constable Chris Todd said: “As a service we are acutely aware of the seriousness of this breach and have declared it to be a critical incident.

“We fully understand the very real concerns being felt by our colleagues and their families and we are working hard to do everything we can to mitigate any risk.

“We are working with our security partners and organisations to investigate this incident.”

He explained that an “emergency threat assessment group” has been established to examine the concerns of the force, and added: “This is an extremely serious situation.”

The UK Information Commissioner’s office has said it was investigating the breach and working with the force.

Why is this a particularly difficult issue?

Police officers in Northern Ireland still face threats to their safety, 30 years on from the Troubles.

The 1998 Good Friday Agreement famously ended 30 years of violence between Republicans and Unionists in the region – more than 300 police officers were murdered, when they were both on and off duty – but tensions have remained in some areas.

They are still sporadically targeted by dissident groups, and many officers don’t reveal their professions to their own families members for security reasons.

Only in February, an off-duty senior detective faced life-changing injuries after being shot several times by republican paramilitaries in the new IRA who see officers as “legitimate targets”.

The terror threat level in Northern Ireland was then raised to severe in March.

A union representing rank-and-file officer, the Police Federation, said “several hundreds” officers have already told their managers the were “concerned and worried as a result of what has happened”.

The leak means the identities of people who work in the organised crime unit, intelligence officers stationed at ports and airports, officers in the surveillance unit and almost 40 police staff at MI5′s headquarters in Holywood, according to the Belfast Telegraph.

Alliance Party leader Naomi Long also said it was a concern that a reportedly “relatively junior” member of staff had access to that sensitive information in the first place.

She said: “The seriousness of this cannot be underestimated.”

Police Federation chair Liam Kelly noted that the force needed “credible explanations” and a quick action plan. He added: ”The major security breach was bad enough but this heaps further additional pressure on the PSNI to produce credible explanations around data security protocols and the impact on officer safety.”

The Superintendents’ Association of Northern Ireland have also asked for a breakdown of what steps are being taken.

'Something's gone seriously wrong here'

UK Information Commissioner John Edwards told #BBCBreakfast he wants to know more about the serious data breaches by the Police Service of Northern Ireland when details of 10,000 staff were published onlinehttps://t.co/fcYY62PgC2 pic.twitter.com/12VwqOlqOr

— BBC Breakfast (@BBCBreakfast) August 10, 2023

What does this mean for safety?

Mike Nesbitt, Ulster Unionist Party representative, told BBC Radio 4′s Today programme: “The fear has returned.”

He suggested that those most at risk were the undercover officers, those with unusual surnames or with a catholic nationalist background, because there’s a higher chance of “prejudice”.

“We have come a long way but it doesn’t take many people to cause mayhem, death and destruction,” he said.

Professor Kevin Curran, cyber security expert at Ulster University, also told BBC that data classification could have been used in the background to protect the documents, and that cyber security training should be mandatory for all organisations.

He added: “But humans are often the weak point in the chain.”

Amnesty International also expressed concerns after a senior PSNI officer suggested it may “roll back” its obligations under the FOI Act.

Right now, the force is obliged to provide some info on requests for transparency from the public – but many public bodies do already use exemptions to avoid giving up the requested information.

Patrick Corrigan of Amnesty International said, despite the severity of the incident, “the police must be transparent and open to gain the public’s confidence.”

He added:“It must not be used as an excuse by PSNI senior management to avoid or take a minimalist approach to their legal obligations to be open with the public they serve.”

Close

What's Hot