Greater Manchester Police officers’ details hacked in cyber attack
Police officers’ personal details have been hacked after a company was targeted in a cyber attack.
The firm in Stockport, which makes ID cards, holds information on various UK organisations including some of the staff employed by Greater Manchester Police (GMP).
The force confirmed it was aware of the ransomware attack.
The hack means thousands of police officers’ names are at risk of being placed in the public domain.
One officer, speaking anonymously to the BBC, said while the names of many officers were publicly available, there was particular concern regarding the identities of undercover officers.
Assistant Chief Constable Colin McFarlane said he understood how concerning the matter was.
“At this stage, it’s not believed this data includes financial information,” he said.
“We have contacted the Information Commissioner’s Office and are doing everything we can to ensure employees are kept informed, their questions are answered, and they feel supported.
“This is being treated extremely seriously, with a nationally-led criminal investigation into the attack.”
The National Crime Agency confirmed it was leading the investigation.
‘Worrying’
It comes just over a month after a major data breach within the Police Service of Northern Ireland.
In that incident, surnames and initials of 10,000 police employees were accidentally included in a response to a Freedom of Information request.
The details were then published online before being removed.
Last month, the Metropolitan Police was also put on alert after a similar security breach involving one of its suppliers.
Ed Gibson, a former FBI investigator who also headed cyber security at Microsoft UK, said any report of hacking of law enforcement data was “extremely worrying”.
“You don’t want this stuff falling into the wrong hands,” he added.
He said any company facing a ransom demand should “get it investigated, don’t pay up”.
This kind of extortion is very lucrative for criminals, he said, adding: “It used to be a horse’s head in the bed now its an email to your IT department.”
Mike Peake, chairman of Greater Manchester Police Federation, said: “Our colleagues are undertaking some of the most difficult and dangerous roles imaginable to catch criminals and keep the public safe.
“To have any personal details potentially leaked into the public domain in this manner – for all to possibly see – will understandably cause many officers concern and anxiety.
“We are working with the force to mitigate the dangers and risks that this breach could have on our colleagues.”
Elizabeth Baxter, head of cyber investigations at the Information Commissioner’s Office, said police officers and staff expected their information to be kept secure, and were “right to be concerned when that doesn’t happen”.
“This incident has been reported to us, and we’ll now be looking into what happened, and asking questions on behalf of anyone affected,” she said.
Why not follow BBC North West on Facebook, X and Instagram? You can also send story ideas to northwest.newsonline@bbc.co.uk