Suffolk and Norfolk admit to data breach involving 1,230 people’s data

Suffolk and Norfolk Constabularies have admitted breaching the data of 1,230 people.

Tim Passmore, the Police and Crime Commissioner for Suffolk said “There has been a data breach involving some Suffolk Constabulary data – this should not have happened and I apologise that it has.

“I have requested regular updates from the Chief Constable so I can be assured everything reasonably possible is being done to put matters right.

“I will also be looking at a full review of the Constabulary’s information sharing processes to guard against something like this ever happening again.”

The breach is relating to a very small percentage of responses to Freedom of Information (FOI) requests for crime statistics, issued between April 2021 and March 2022.

A technical issue has led to some raw data belonging to the constabularies being included within the files produced in response to the FOI requests in question. The data was hidden from anyone opening the files, but it should not have been included.

The data impacted was information held on a specific police system and related to crime reports. The data includes personal identifiable information on victims, witnesses, and suspects, as well as descriptions of offences. It related to a range of offences, including domestic incidents, sexual offences, assaults, thefts and hate crime.

The force said “a full and thorough analysis into the data impacted has now been completed and today, we have started the process of contacting those individuals who need to be notified about an impact to their personal data. This will be done via letter, phone, and in some cases, face to face depending on what information was impacted and what support is required. We expect this process to be complete by the end of September. We will be notifying a total of 1,230 people whose data has been breached”.

“Within the notification, people will be provided with all the necessary information including what personal data specific to them has been impacted and details of who they can contact for support. A dedicated specialist team has been set up to handle any queries about this incident. They can be reached on 01603 276647 or email dataincident@suffolk.police.uk”.

“Strenuous efforts have been made to determine if the data released has been accessed by anyone outside of policing. At this stage we have found nothing to suggest that this is the case”.

“If members of the public are not contacted by the constabularies, they do not need to take any action”.

The Information Commissioner’s Office (ICO) has been notified of the data breach.

T/Assistant Chief Constable of Suffolk Police, Eamonn Bridger, who led the investigation on behalf of both forces, said:
“We would like to apologise that this incident occurred, and we sincerely regret any concern that it may have caused the people of Norfolk and Suffolk.

“I would like to reassure the public that procedures for handling FOI requests made to Norfolk and Suffolk constabularies are subject to continuous review to ensure that all data under the constabularies’ control is properly protected”.