London’s Metropolitan Police force says it has stepped up security after a company that holds details of its officers and staff was hacked.
The force said late Saturday that there had been “unauthorized access to the IT system” of one of its suppliers. It said the company, which it did not name, had access to names, ranks, photos, vetting levels and payroll numbers for officers and staff, but did not hold personal information such as addresses, phone numbers or financial details.
The force said it was “working with the company to understand if there has been any security breach relating to Metropolitan Police data,” and had referred the incident to the National Crime Agency.
The Metropolitan Police Federation, a staff association for officers, said the breach had caused “incredible concern and anger.”
“This is a staggering security breach that should never have happened,” said federation Vice Chair Rick Prior. “Given the roles we ask our colleagues to undertake, significant safeguards and checks and balances should have been in place to protect this valuable personal information which, if in the wrong hands, could do incalculable damage.”
The breach follows an incident last month in which the Police Service of Northern Ireland acknowledged it had inadvertently published personal information of more than 10,000 officers and staff in response to a freedom of information request.
Officials fear the information has been obtained by Irish Republican Army dissidents who continue to mount occasional attacks on police, 25 years after Northern Ireland’s peace accord.