By Tony O’Reilly-
The police federation would consider legal action once the police investigation after a “monumental” data breach at the Police Service of Northern Ireland (PSNI) has exposed information on all current officers and staff.
The Police Federation for Northern Ireland (PFNI) said the breach could cause “incalculable damage”.
The data contained the surnames and initials of current employees alongside the location and department within which they work.
Police officers in Northern Ireland said they may consider leaving the force or moving home after an unprecedented data breach disclosed details of more than 10,000 officers and staff, it has been claimed.
Liam Kelly, the chair of the Police Federation for Northern Ireland, said many officers went to great lengths to shield their identities, in some cases not telling friends and associates that they were in the police. “I’ve been personally inundated with officers who are outlining that they are shocked, dismayed and basically angry that this has happened,” he said.
Kelly said the federation would consider legal action once the police investigation into what has been categorised as a critical incident concluded. “The trust from our officers is broken by this.”
Political leaders and police representatives on Wednesday grappled with the security and financial implications of an error that could expose officers, including those who work undercover, to terrorist intimidation and attack.
Officers are frightened and their friends and family are in “jeopardy”, said Naomi Long, the leader of the Alliance party who served as justice minister from 2020 to 2022.
She said it would be all but impossible to eradicate the digital footprint of the data breach, which gave the rank and grade data of all employees at the PSNI, including surnames, initials and what department they work in.
The PSNI said no other personal information was included.
The details were included a spreadsheet mistakenly published online in response to a Freedom of Information (FoI) request.
The PFNI said “rigorous safeguards” should have been in place to protect this information.
Assistant Chief Constable Chris Todd, the PSNI’s senior information risk owner, said the matter is being fully investigated and a Gold structure is in place to oversee the investigation and consequences.
“It is actively being reviewed to identify any security issues,” he said.
In a statement in response to the data breach, Mr Todd said: “Police are investigating the circumstances surrounding the release of data within a spreadsheet.
“The data concerned contained the surnames and initials of current employees alongside the location and department within which they work. No other personal information was included.
The breach resulted from information included in error in response to a FoI request.
“We have informed the organisation to make our officers and staff aware of the incident, appreciating the concern that this will cause many of our colleagues and families. We will do all that we can to mitigate any such concerns.
“An initial notification has been made to the office of the Information Commissioner regarding the data breach.
“The information was taken down very quickly. Although it was made available as a result of our own error, anyone who did access the information before it was taken down is responsible for what they do with it next. It is important that data anyone has accessed is deleted immediately.
“This is an issue we take extremely seriously and as our investigation continues we will keep the Northern Ireland Policing Board and the Information Commissioner’s Office updated.”
PFNI chair Liam Kelly said an urgent inquiry is required and wants to hear from the chief constable and his senior colleagues the steps they intend taking to limit the damage to protect identities.
He said: “This is a breach of monumental proportions. Even if it was done accidentally, it still represents a data and security breach that should never have happened.
“Rigorous safeguards ought to have been in place to protect this valuable information which, if in the wrong hands, could do incalculable damage.
“The men and women I represent are appalled by this breach. They are shocked, dismayed and justifiably angry. Like me, they are demanding action to address this unprecedented disclosure of sensitive information.
“We have many colleagues who do everything possible to protect their police roles. We’re fortunate that the PSNI spreadsheet didn’t contain officer and staff home addresses, otherwise we would be facing a potentially calamitous situation.
“Inadequate or poor oversight of FoI procedures must be addressed and addressed urgently. New safeguards are obviously required to prevent this from ever happening again.”