Greater Manchester Police has informed its officers of what they say is a potential data breach at a third party supplier.
The force uses the company to produce its officer and staff identification badges.
The National Crime Agency is said to be investigating after the company, yet to be named by GMP, was the victim of a ‘ransomware attack’.
Various other public sector and private organisations are also said to have been involved in the alleged breach.
An email to GMP officers, shared with a regional newspaper, says data from the badges including names, ranks, photos and serial numbers ‘may have been accessed’, but there is nothing to suggest details such as home addresses or financial data is involved.
The attack ‘includes data of personnel at various public sector and other organisations across the UK, including that of GMP and the Metropolitan Police’, according to the message.
ACC Colin McFarlane of Greater Manchester Police (GMP) said: “We are aware of a ransomware attack affecting a third-party supplier of various UK organisations, including GMP, which holds some information on those employed by GMP.
“At this stage, it’s not believed this data includes financial information.
“We understand how concerning this is for our employees so, as we work to understand any impact on GMP, we have contacted the Information Commissioners Office and are doing everything we can to ensure employees are kept informed, their questions are answered, and they feel supported.
“This is being treated extremely seriously, with a nationally-led criminal investigation into the attack.”
Mike Peake, Chair of the Greater Manchester Police Federation, said: “Our colleagues are undertaking some of the most difficult and dangerous roles imaginable to catch criminals and keep the public safe. To have any personal details potentially leaked out into the public domain in this manner – for all to possibly see – will understandably cause many officers concern and anxiety. We are working with the force to mitigate the dangers and risks that this breach could have on our colleagues.”
The attack comes just over a month after major data breaches involving the Metropolitan Police Service and the Police Service of Northern Ireland (PSNI). The surnames and initials of 10,000 PSNI employees were accidentally included in a response to a freedom of information request. The details were then published online before being removed.
Follow Neil Wilby on Twitter (here) and Neil Wilby Media on Facebook (here) for signposts to any updates.
Page last updated: Thursday 14th September, 2023 at 17h05
Thank you for reading and a polite request: If you feel this article is of value and in the public interest, and wish to make a contribution to the running costs of this website, it would be very much appreciated. Donations can made securely (and anonymously if required), via Buy Me A Coffee at this link or via PayPal at this link.
Corrections: Please let me know if there is a mistake in this article. I will endeavour to correct it as soon as possible.
Picture credit: GMP
Right of reply: If you are mentioned in this article and disagree with it, please let me have your comments. Provided your response is not defamatory it will be added to the article.
© Neil Wilby 2015-2023. Unauthorised use, or reproduction, of the material contained in this article, without permission from the author, is strictly prohibited. Extracts from, and links to, the article (or blog) may be used, provided that credit is given to Neil Wilby Media, with appropriate and specific direction to the original content.
Neil Wilby Media 
Leave a comment