UK Police Suffered Thousands of Data Breaches in 2020
There were over 2300 data breach incidents reported by just 22 of the UK’s police forces in 2020, according to new Freedom of Information data.
VPNoverview requested information from the UK’s 45 police forces and received responses from 31.
All told, the results revealed a national average of 299 data breaches per police station over the period dating from 2016 to the first four months of 2021.
This included a combination of human error — for example, staff emailing sensitive information to the wrong recipient — and malicious third-party attacks.
There was no breakdown in the report indicating which accounted for the majority of cases. However, separate FoI data from 23 forces obtained in 2019 revealed that 237 officers and staff members were disciplined, six resigned during investigations and 11 were sacked for computer misuse offenses over the previous two years.
Many of these involved accessing police databases unlawfully to search for individuals.
The VPNoverview study did reveal the best and worst offenders of the past four years. Lancashire Constabulary topped the list of forces suffering most incidents over the period (1300), followed by nearby Cheshire Constabulary (1193), Sussex Police force (980) and the Police Service of Northern Ireland (928).
Five forces reported fewer than 10 incidents from 2016-21 while London’s Metropolitan Police and Dorset Police claimed to have suffered no breaches in over four years.
Sussex Police has already recorded 62 data breach incidents so far in 2021, followed by West Midlands Police (37), North Wales (24) and Wiltshire Constabulary (12).
A Big Brother Watch study from 2016 found that UK police suffered more than 2300 breach incidents over the previous four years as a result of insiders abusing their position.
A year previously, South Wales Police was fined £160,000 after it misplaced unencrypted DVDs containing a highly sensitive video recording of an interview with a sex abuse victim.
Source: Infosecurity Magazine