In 2020, more than 2,000 data breaches were reported by UK police forces.
#breach #ukpolice #cybersecurity #cybercrime
According to data acquired by VPNoverview, UK police forces experienced 2,386 data breaches in 2020.
The data was made public after 31 of the UK’s 45 police forces responded to a Freedom of Information request, and it contains numerous troubling details. For example, between January 2016 and April 2021, police stations saw an average of 299 data breaches, according to the research. It confirms that the number includes both illegal hacking and human error, albeit it does not define how those occurrences occurred. Because cyber thieves are increasingly targeting important services, we wouldn’t be shocked if at least some of the cases featured ransomware.
When a police agency loses access to its systems, it poses a threat to public safety, and as a result, they may be more readily convinced to disregard experts’ advice and pay the ransom. Meanwhile, malicious insiders are a strong possibility. Officers and staff have access to a lot of sensitive information, and there’s always the chance that someone will look up someone’s file without their permission. Indeed, according to a second Freedom of Information request from 2019, 237 UK police officers were punished and 11 were fired for doing so.
Who are the most egregious offenders?
According to the VPNoverview research, Lancashire Constabulary had the most incidences in 2020. (594). Sussex Police came in second with 334 officers, followed by Humberside Police (230), the Northern Ireland Police Service (194), and Durham Constabulary (125). Meanwhile, Cheshire Police reported 289 data breaches in 2019–2020, according to information filed in financial years. The Metropolitan Police and Dorset Police, on the other hand, declared that no data breaches had occurred since at least 2016.
This may be evidence of insufficient records or a broad definition of “data breach” rather than strong data protection policies, as encouraging as it sounds. After all, security incidents are a constant threat to all organizations — and this is especially true for law enforcement agencies that handle vast volumes of sensitive data — which is why experts like us advise organizations to prioritize both information security and incident response.