10,000 N Ireland police officers and staff have their details exposed after spreadsheet screw-up

9 months ago AndyC

Earlier this week, the details of all 10,000 staff at the Police Service of Northern Ireland (PSNI) were exposed after a spreadsheet containing the data was mistakenly published online.

10,000 N Ireland police officers and staff have their details exposed after spreadsheet screw-up

10,000 N Ireland police officers and staff have their details exposed after spreadsheet screw-up

Earlier this week, the details of all 10,000 staff at the Police Service of Northern Ireland (PSNI) were exposed after a spreadsheet containing the data was mistakenly published online.

The spreadsheet, which had been created in response to a Freedom of Information (FOI) request, revealed the surname, initial, rank or grade, and location of all PSNI employees.

In addition, the spreadsheet described what department individuals worked in. Perhaps less scary if it’s human resources or accounts, but alarming if you worked in an area such as intelligence or surveillance.

Sign up to our free newsletter.
Security news, advice, and tips.

The routine FOI request had only requested information about the total number of officers and staff at all ranks and grades across the PSNI. And yet, an employee accidentally included far far too much information – presumably through a cock-up, rather than with malicious intent.

The data breach has raised fears for officers’ and staff’s personal safety. Hundreds of police officers in Northern Ireland were murdered during The Troubles, and some are still under threat from paramilitaries.

If you’re working for the police service in Northern Ireland, you’re unlikely to be shouting from the rooftops where you work each day – in fact, it’s possible there are members of your own family who don’t know what you do for living.

The sensitive information was accessible for anyone who accessed the “What Do They Know” website for more than two hours on Tuesday afternoon.

In a statement published on its website, the PSNI has said it is investigating the data breach, and has asked that anyone who did access the spreadsheet delete it immediately.

The PSNI has informed the Information Commissioner’s Office of the incident. In a press conference, PSNI chief constable Simon Byrne described the breach of data as an “unprecedented crisis” for the force, but says he will not be resigning.

There have been unconfirmed claims that the sensitive data has been circulating on WhatsApp.

What a mess…

Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.

Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon’s Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy.
Follow him on Twitter, Mastodon, Bluesky, or drop him an email.

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

Tags: , , , , , , , , , , , , , , ,

More Stories

Alexander Vinnik, the operator of BTC-e exchange, pleaded guilty to money laundering

Alexander Vinnik, the operator of BTC-e exchange, pleaded guilty to money laundering

9 hours ago AndyC
City of Wichita hit by a ransomware attack

City of Wichita hit by a ransomware attack

21 hours ago AndyC
Why Your VPN May Not Be As Secure As It Claims – Krebs on Security

Why Your VPN May Not Be As Secure As It Claims – Krebs on Security

21 hours ago AndyC
El Salvador suffered a massive leak of biometric data

El Salvador suffered a massive leak of biometric data

1 day ago AndyC

New Lawsuit Attempting to Make Adversarial Interoperability Legal

1 day ago AndyC
Finland authorities warn of Android malware campaign targeting bank users

Finland authorities warn of Android malware campaign targeting bank users

1 day ago AndyC

You may have missed

Opening more opportunities for VMware Cloud Service Providers

Opening more opportunities for VMware Cloud Service Providers

20 mins ago AndyC

Accelerating SaaS security certifications to maximize market access

3 hours ago AndyC

Empowering Cybersecurity with AI: The Future of Cisco XDR

3 hours ago AndyC
Red Hat seeks to shrink IT skills gap with Lightspeed gen AI

Red Hat seeks to shrink IT skills gap with Lightspeed gen AI

3 hours ago AndyC
3+ reasons Apple might want to make its own server chips

3+ reasons Apple might want to make its own server chips

3 hours ago AndyC

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.