Norfolk and Suffolk police have stepped forward to admit that a “technical issue” resulted in raw data pertaining to crime reports accidentally being included in Freedom of Information responses.

The latest blunder follows a litany of recent errors elsewhere in the forces: Police Service in Northern Ireland (PSNI) last week confirmed it unwittingly exposed a spreadsheet containing details of serving police officers; and this week Cumbria constabulary said it mistakenly published the names, salaries and allowances for all officers and staff online.

Today in a joint statement, Norfolk and Suffolk constabularies - based in the east of England - say they "identified an issue relating to a very small percentage of responses to Freedom of Information Requests for crime statistics, issued between April 2021 and March 2022."

"A technical issue has led to some raw data belonging to the constabularies being included within the files produced in response to the FoI requests in question. The data was hidden from anyone opening the files, but it should not have been included.

"The data impacted was information held on a specific police system and related to crime reports. The data includes personal identifiable information on victims, witnesses, and suspects, as well as descriptions of offences. It related to a range of offences, including domestic incidents, sexual offences, assaults, thefts, and hate crime."

The constabularies say they have completed an analysis of the incidents, and have started to tell affected individuals about the impact to their personal data. "We will be notifying a total of 1,230 people whose data has been breached."

"We would like to apologise that this incident occurred, and we sincerely regret any concern that it may have caused the people of Norfolk and Suffolk," said Eamonn Bridger, assistant chief constable of Suffolk Police.

"I would like to reassure the public that procedures for handling FoI requests made to Norfolk and Suffolk constabularies are subject to continuous review to ensure that all data under the constabularies' control is properly protected."

So far, Norfolk and Suffolk police reckon that data has not been accessed by anyone outside of policing, nevertheless the UK's data watchdog, the Information Commissioner's Office, was notified of the leak.

Stephen Bonner, deputy commissioner at the ICO, said in a statement:

"The potential impact of a breach like this reminds us that data protection is about people. It's too soon to say what our investigation will find, but this breach - and all breaches - highlight just how important it is to have robust measures in place to protect personal information, especially when that data is so sensitive.

"We are currently investigating this breach and a separate breach reported to us in November 2022."

The latest incident pales into insignificance compared to the events in Northern Ireland, where PSNI has now confirmed that dissidents have accessed the data dump that identified 10,000 officers and staff, their units and locations. ®

https://www.theregister.com//2023/08/15/norfolk_and_suffolk_police_data_breach/