Greater Manchester Police latest force to suffer serious data breach

Graham Cluley
Graham Cluley
@[email protected]

Greater Manchester Police latest force to suffer serious data breach

Uh-oh, yet another UK police force has suffered a serious data breach.

After the incidents involving Cumbria Police, Norfolk and Suffolk Police, and – perhaps worst of all – the PSNI in Northern Ireland, it’s now Greater Manchester Police finding itself in the hot seat.

According to a brief statement on its website, Greater Manchester Police (GMP) says a third-party supplier has been hit by a ransomware attack, which has resulted in data of it and other UK organisations being compromised.

BBC News goes into more detail, explaining that the supplier produced ID badges for GMP staff.

The significance of that? Thousands of police officers’ names now could be in the public domain – a particular problem for those whose identities are more sensitive due to the undercover work they do.

Sign up to our free newsletter.
Security news, advice, and tips.

Once again, an organisation is learning that it’s not enough to have strong defences for your own infrastructure to prevent hackers from stealing data. It’s also necessary to ensure that any suppliers or partners who you grant access to your data are similarly well protected.

Greater Manchester Police says it has informed the Information Commissioner’s Office (ICO) about the incident.

August’s data breach involving all 10,000 of Northern Ireland’s police service also involved the personal details of serving police officers and staff, exposed through a spreadsheet that carelessly included their names, ranks, and where they were based – putting their personal safety at risk.

The sensitive list was later confirmed by the police to be in the hands of dissident republicans, amongst others.

In total four arrests have so far been made in Northern Ireland related to the data breach, with one man charged with having articles for use in terrorism.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.