The personal information of 1,230 people including victims of crime and witnesses was included in Freedom of Information responses issued by Norfolk and Suffolk Police, the forces said.
In a joint statement, Norfolk and Sussex Police said they had identified a ‘small percentage’ of FOI submissions including personal raw data.
The two police forces stressed that they have begun ‘the process of contacting those individuals who need to be notified about an impact to their personal data.’
They also said ‘strenuous efforts had been made to determine if the data released has been accessed by anyone outside of policing’ and had found ‘nothing to suggest that this is the case.’
The force’s admission comes after an ‘industrial scale breach of data’ in Northern Ireland last week which saw some details of around 10,000 officers and staff published online for a number of hours.
Norfolk and Sussex Police have issued a joint statement in response to the leak
The Police Service of Northern Ireland (PSNI) chief constable Simon Byrne, addreses reporters last Thursday following a mass data breach
Officers in Northern Ireland’s force fear for their safety after the names of 10,000 staff were leaked in a data breach. Pictured: Members of the PSNI
Yesterday, PSNI Chief Constable Simon Byrne said he is now confident that information on police officers and staff mistakenly released in a major data breach is in the hands of republican dissidents.
A joint statement reads: ‘Norfolk and Suffolk constabularies have identified an issue relating to a very small percentage of responses to Freedom of Information (FOI) requests for crime statistics, issued between April 2021 and March 2022.
‘A technical issue has led to some raw data belonging to the constabularies being included within the files produced in response to the FOI requests in question. The data was hidden from anyone opening the files, but it should not have been included.
Read Related Also: Child Nicotine Poisoning Hit All-Time High as Vapes Flood the Market
‘The data impacted was information held on a specific police system and related to crime reports.
‘The data includes personal identifiable information on victims, witnesses, and suspects, as well as descriptions of offences. It related to a range of offences, including domestic incidents, sexual offences, assaults, thefts and hate crime.
‘A full and thorough analysis into the data impacted has now been completed and today, we have started the process of contacting those individuals who need to be notified about an impact to their personal data.
‘This will be done via letter, phone, and in some cases, face to face depending on what information was impacted and what support is required.
‘We expect this process to be complete by the end of September. We will be notifying a total of 1,230 people whose data has been breached.’
Assistant Chief Constable of Suffolk Police, Eamonn Bridger, who led the investigation on behalf of both forces, said: ‘We would like to apologise that this incident occurred, and we sincerely regret any concern that it may have caused the people of Norfolk and Suffolk.
‘I would like to reassure the public that procedures for handling FOI requests made to Norfolk and Suffolk constabularies are subject to continuous review to ensure that all data under the constabularies’ control is properly protected.’
The latest data leak – which follows similar mistakes in Northern Ireland and Cumbria- has led experts to call for the UK government to ensure public sector workers have better ‘data literacy.’
Speaking to MailOnline, Caroline Carruthers, CEO of global data consultancy Carruthers and Jackson, said: ‘This latest public sector data breach is yet another example of human error caused by a lack of proper data literacy in the public sector.
‘Everyone has made a mistake at work by sending an email to the wrong person or attaching the wrong document, but in the public sector and especially in this case, those mistakes can lead to very real and very serious consequences for vulnerable people.
‘Poor data training across public sector bodies meant that it was only a matter of time until data breaches like this and last week’s data breach in Northern Ireland happened and, until the UK public sector recognises the importance of data literacy at all levels of their organisations, data breaches caused by mistakes like this will unfortunately continue to occur.’
