‘Human error’ sees names and salaries of Cumbria officers and staff published online
Cumbria Constabulary has acknowledged that a data breach earlier this year resulted in the names and salaries of all its officers and staff being accidentally published online.
The force said “human error” led to the information being wrongly uploaded to its website on March 6.
The incident follows last week’s “unprecedented and industrial-scale data breach” at the Police Service of Northern Ireland (PSNI), which saw the surnames and initials of all current officers and staff, together with the location and department in which they work, mistakenly shared online in response to a Freedom of Information request.
Details of a second data breach emerged less than 24 hours later when the PSNI revealed that documents, including a spreadsheet containing the names of more than 200 serving officers and staff, were stolen from a private vehicle last month.
Cumbria Constabulary said the impact of its data breach was “low”, and “robust steps” were put in place to prevent any further breaches.
In a statement, the force said: “Cumbria Constabulary became aware of a data breach on Monday March 6, 2023, where information about the pay and allowances of every police officer and police staff roles as at March 31, 2022, was uploaded to the constabulary’s website, which was a human error.
“The pay and allowance data also included names and position, however, it did not contain information about where the posts were deployed from or personal details such as date of birth and address.
“This information was removed immediately after the breach was identified.
“Cumbria Constabulary immediately contacted every affected person about the data breach, explaining that the impact of this breach was low and the measures the constabulary had put in place to manage the breach and to prevent it happening again.
“This data breach was referred to the Information Commissioner’s Office (ICO) as per normal procedure for independent review.
“The ICO determined that no further action was necessary and gave some advice and recommendations.
“The ICO were satisfied with the actions the constabulary had taken and the robust steps which were put in place to prevent any further data breaches.”