Incident Details
Norfolk and Suffolk constabularies experienced a data breach involving personal identifiable information on victims, witnesses, and suspects, as well as descriptions of various offences, due to a technical issue in response to Freedom of Information requests.
Incident
How Did the Breach Happen?
A technical issue led to the inclusion of raw data from the constabularies in response to FOI requests, exposing personal data that should have been hidden.
What Data has been Compromised?
The compromised data includes personal identifiable information on victims, witnesses, and suspects, as well as descriptions of offences such as domestic incidents, sexual offences, assaults, thefts, and hate crimes.
Why Did the company's Security Measures Fail?
The security measures failed due to a technical issue that allowed the inclusion of sensitive data in the response files to FOI requests.
What Immediate Impact Did the Breach Have on the company?
The company immediately initiated a thorough analysis, started contacting affected individuals, and set up a dedicated team to handle queries and support those impacted.
How could this have been prevented?
- Implement stricter data handling protocols for FOI requests
- Conduct regular audits of data shared in response to requests
- Enhance data protection mechanisms to prevent inadvertent exposure
What have we learned from this data breach?
- The importance of rigorous data privacy controls
- The need for continuous monitoring of data sharing processes
- The significance of prompt and transparent communication with affected individuals
Summary of Coverage
Norfolk and Suffolk Police faced a data breach due to a technical issue in responding to FOI requests, leading to the exposure of personal data of over 1,200 individuals. The authorities are actively addressing the breach and providing support to those affected.