British Police On High Alert After Supply Chain Breach

Uploaded on 2023-08-28 in GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

London’s Metropolitan Police are on serious alert because of a leak of data from their suppliers’ IT system and now Scotland Yard police are working with the IT company to review the extent of the breach.  The security breach took place when cyber criminals successfully breached the IT systems of a contractor in charge of producing warrant cards and staff passes.

The IT supplier had access to names, ranks, photos, vetting levels and pay numbers for officers and staff, but did not hold personal information such as addresses, phone numbers or financial details, the Met has said. 

All 47,000 personnel have been notified about the potential exposure of their photographs, names, and ranks.
Rick Prior, the vice-chair of the Metropolitan Police Federation, which represents staff, said any potential leak “will cause colleagues incredible concern and anger”. He said: “Metropolitan police officers are as we speak out on the streets of London undertaking some of the most difficult and dangerous roles imaginable to catch criminals and keep the public safe... To have their personal details potentially leaked out into the public domain in this manner, for all to possibly see, will cause colleagues incredible concern and anger. We share that sense of fury … this is a staggering security breach that should never have happened.”

The Met has also said the matter had been reported to the National Crime Agency and the Information Commissioner’s Office (ICO) was also informed.

N. Ireland Police Data Breach

These events follow an admission by the Police Service of Northern Ireland (PSNI) that personal data on all its serving members were wrongly published in response to a freedom of information (FoI) request. Details of about 10,000 PSNI officers and staff included the surname and first initial of every employee, their rank or grade, where they were based and the unit they worked in.

After the PSNI breach was revealed, Norfolk and Suffolk constabulary announced that the personal data of more than 1,000 people, including crime victims, was included in another FoI response

Recently South Yorkshire police referred itself to the ICO after noticing “a significant and unexplained reduction in data stored on its systems”. The force said it was urgently working with experts to recover footage filmed by officers as they attended incidents or engaged with the public, which in some cases could be used as evidence in court.

Guardian:   National News:   Sky:     The Jourmal:     Yahoo:     Image: Mary R Smith

You Might Also Read: 

US Federal Court Court IT Systems Breached:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« AI Is The Next Big Thing For Browser Security  
NIS2 Regulations Are Coming – Are You Ready? »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Lumeta

Lumeta

Lumeta’s cyber situational awareness platform is the unmatched source for enterprise network infrastructure analytics and security monitoring for breach detection.

Dragos

Dragos

Dragos has built the first industrial cybersecurity ecosystem, the ultimate security defense.

Tevora

Tevora

Tevora is a specialized management consultancy focused on cyber security, risk, and compliance services.

TrainACE

TrainACE

TrainACE, is a professional computer training school offering courses in information technology with a focus on Advanced Security training.

Kryptus

Kryptus

Kryptus provides a wide array of solutions for hardware, firmware and software ranging from semiconductors to complex digital certificate management systems.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

NETRIO

NETRIO

If you are looking for a highly mature, exceptionally competent Managed Service Provider, NETRIO has solutions to keep your business running at warp speed with zero disruptions.

ProofID

ProofID

ProofID is a specialist provider of Identity Access Management (IAM) solutions. We focus on the solving the complex needs of the modern enterprise.

LAVAAT

LAVAAT

At LAAVAT, our goal is to make it easy for our customers to build secure IoT devices without a need to invest considerably in embedded security and cryptography expertise.

Technivorus Technology

Technivorus Technology

Technivorus is a deep-tech firm delivering customized Cybersecurity, Digital Marketing, Web & App Development, and multifarious IT services for businesses across the globe.

OpsHelm

OpsHelm

OpsHelm provides a Software-as-a-Service solution to help businesses ensure that all of their cloud environments have their security bases covered.

Knownsec

Knownsec

Knownsec provides customers with cloud defense, cloud monitoring, and cloud mapping products and services with "AI + security big data" as the underlying capability.

DataProof Communications

DataProof Communications

DataProof Communications is Cybersecurity Company specialising in cybersecurity operations, incident management and response best practices and technologies.

TENEX

TENEX

TENEX is a cybersecurity company leveraging advanced artificial intelligence and human expertise to transform enterprise security.

ecfirst

ecfirst

ecfirst's mission is to establish AI platforms and service capabilities to assess and manage client compliance with global mandates on a continual basis to secure business data and assets.

Netarx

Netarx

Netarx provide real-time deepfake detection for enterprise voice, video and email.