Thousands of police officers' details stolen in huge cyber attack

713     0
Thousands of police officers
Thousands of police officers' details stolen in huge cyber attack

Thousands of police officers' details have been compromised in a ransomware cyber attack.

It is understood the hack - impacting Greater Manchester Police - was aimed at a company the force contracted to produce them. Police officers and staff were informed about the hack yesterday. It comes after GMP announced it had reached 8,000 officers in March this year - meaning a Government target was met. 93 more new PCs were also sworn in earlier this month.

It's thought it concerns thousands of ID badges, which contain the names and pictures of police officers, according to police sources. The incident is almost identical to a hack which affected the Metropolitan Police last month. GMP is expected to reveal more details shortly. An email to force staff said there had been a 'potential data breach at a supplier used by GMP to produce identification badges' after the company had been the victim of a 'ransomware attack', reports the Manchester Evening News.

The attack 'includes data of personnel at various public sector and other organisations across the UK, including that of GMP and the Metropolitan Police', according to the message. Investigators have established that data from the badges including names, ranks, photos and serial numbers 'may have been accessed'.

The email went on: "We have been advised that there is nothing a this time to indicate that financial data or personal address data has been accessed as part of this breach." It added, however, that a small number of pictures contained 'geo-location data' and that people in this smaller group would be contacted. It said: "There is no indication that any GMP data has been made available online or has been shared any further." The email also confirmed the National Crime Agency was investigating the hack.

Mum wades 60 miles through river after tracking 'stolen' sausage dog with AirTag eiqreidekidzeinvMum wades 60 miles through river after tracking 'stolen' sausage dog with AirTag

Industry experts urged the Met to carry out a thorough investigation of its cyber security practices following the IT breach. They said the possible data breach was “extremely worrying” but unsurprising as cyber attackers frequently target third-party companies.

Jake Moore, global cyber security adviser for software firm ESET, said: “This is another extremely worrying episode of what we seem to be seeing quite a lot of this year. It’s just worrying to think these police forces are coming under attack in what I would suggest are relatively simple ways.” Mr Moore said the current suspected breach appears to have been “a targeted attack to test the security within the supply chain” where criminals were “looking for the weakest link”.

The Met at Scotland Yard feared the names and photographs of officers were stolen by hackers in a massive security breach. The force's 47,000 personnel were warned of the data leak when hackers managed to penetrate the IT systems of a contractor printing warrant cards and staff passes. Vetting levels and ID numbers were also feared to be among the information taken. The NCA was called in amid fears terrorists or organised gangs could use the stolen data.

A Met Police spokesman said last month: "We have been made aware of unauthorised access to the IT system of a Met supplier. We are working with the company to understand if there has been any security breach relating to Metropolitan Police data. The company had access to names, ranks, photos, vetting levels and pay numbers for officers and staff.

"The company did not hold personal information such as addresses, phone numbers or financial details. Security measures have been taken by the MPS as a result of this report. The MPS has reported the matter to the National Crime Agency. The Information Commissioner's Office is also aware."

ACC Colin McFarlane of GMP said: “We are aware of a ransomware attack affecting a third-party supplier of various UK organisations, including GMP, which holds some information on those employed by GMP. At this stage, it’s not believed this data includes financial information.

“We understand how concerning this is for our employees so, as we work to understand any impact on GMP, we have contacted the Information Commissioners Office and are doing everything we can to ensure employees are kept informed, their questions are answered, and they feel supported. This is being treated extremely seriously, with a nationally-led criminal investigation into the attack.”

John Scheerhout

Print page

Comments:

comments powered by Disqus