Norfolk and Suffolk constabularies have identified an issue relating to a very small percentage of responses to Freedom of Information (FOI) requests for crime statistics, issued between April 2021 and March 2022.
A technical issue has led to some raw data belonging to the constabularies being included within the files produced in response to the FOI requests in question. The data was hidden from anyone opening the files, but it should not have been included.
The data impacted was information held on a specific police system and related to crime reports. The data includes personal identifiable information on victims, witnesses and suspects, as well as descriptions of offences. It related to a range of offences, including domestic incidents, sexual offences, assaults, thefts and hate crime.
A full and thorough analysis into the data impacted has now been completed and affected individuals will be contacted about their personal data. This will be done via letter, phone and in some cases, face to face. The process is expected to be completed by the end of September and will notify a total of 1,230 people whose data has been breached.
Christiaan Beek, Senior Director, Threat Analytics at Rapid7, commented on the news: “This latest announcement by Norfolk and Suffolk Police caps off a rather bad week for the police and public institutions, with both the PSNI and the UK electoral commissions suffering data breaches in the last week.
“Such data breaches erode the general public’s confidence and trust. However, it’s especially important the public remain on high alert for any potential phishing scams or other criminal activity such as identity theft.
“For Norfolk and Suffolk Police, and all police constabularies, it is essential to have strong security procedures and protocols in place to ensure such an incident doesn’t happen again. By having security controls, security teams can be alerted and stop sensitive information from accidently being leaked.”