Simon Byrne arrived for an emergency meeting with the Policing Board this morning
Hundreds of police officers in Northern Ireland have raised safety worries with their bosses after their identities were revealed in two big data breaches.
The Police Service of Northern Ireland (PSNI) mistakenly shared details about 10,000 officers and staff on Tuesday.
Details of a second data breach emerged less than 24 hours later.
PSNI Chief Constable Simon Byrne has been questioned about the crisis in an emergency meeting of the body that oversees policing in Northern Ireland.
He returned early from a holiday for the behind-closed-doors session with the Policing Board.
The meeting had been due to last for two hours but finally ended after almost double that amount of time.
Mr Byrne is expected to give a press conference shortly.
The breaches have caused shock and fear among officers, many of whom try not to reveal their occupation to people, including their friends and family, due to security reasons.
In the most recent major attack in February, an off-duty senior detective suffered life-changing injuries after being shot several times by dissident republican paramilitaries.
The Police Federation, a union representing rank-and-file officers, said “several hundred” officers had already told to their managers that they were “concerned and worried as a result of what has happened”.
Morale within the PSNI is at rock bottom and one big, immediate job for Simon Byrne is restoring his officers’ trust in the force.
But the problems don’t end there.
Law firms are already making it known that they will represent officers and civilian staff who have had their identities revealed in these data breaches.
With more than 10,000 people affected, the potential bill for compensation could run to tens of millions of pounds.
That would be hugely problematic not just for the PSNI but the wider budget for public services in Northern Ireland.
In the biggest data breach, described as “monumental” by the union, information about every PSNI officer and civilian employee was mistakenly published in response to a Freedom of Information request.
The information appeared online for several hours on Tuesday and led to the PSNI updating security advice to its officers and staff.
The surname and first initial of every employee, their rank or grade, where they are based and the unit they work in, including sensitive areas such as surveillance and intelligence, were included.
Information about the second data breach, involving the theft of a spreadsheet with the names of 200 officers and staff, emerged on Wednesday.
Image source, PA Media
Assistant Chief Constable Chris Todd says officers have been given updated advice about protecting their security
Assistant Chief Constable Chris Todd said documents, along with a police-issue laptop and radio, were believed to have been stolen from a private vehicle in Newtownabbey, County Antrim, on 6 July.
The PSNI had earlier said it was treating Tuesday’s data breach as a critical incident and that an emergency threat assessment group had been established.
“This is an extremely serious situation,” said Mr Todd.
“We fully understand the very real concerns being felt by our colleagues and their families and we are working hard to do everything we can to mitigate any risk.
“As well as general advice on safety and security this multi-disciplinary group will focus on immediate support to those with specific circumstances which they believe place them or their families at immediate risk or increased threat of harm.”
The Police Federation said it was told of the 6 July incident last week and it called for “credible explanations” and a speedy and effective action plan for dealing with both breaches.
“The major security breach was bad enough but this heaps further additional pressure on the PSNI to produce credible explanations around data security protocols and the impact on officer safety,” said chairman Liam Kelly.
Image source, PA Media
Police officers in Northern Ireland are viewed as targets by violent dissident republican groups
The Superintendents’ Association of Northern Ireland, which represents senior officers, demanded to hear what practical steps were being taken “to minimise and manage” the data breaches.
It said it had “always taken great care to protect officers’ identities and this has left many of their colleagues feeling vulnerable and understandably upset”.
Prof Kevin Curran, a cyber security expert at Ulster University, said there were methods that should be used to prevent sensitive data being shared or lost.
“Data classification is used by many organisations – where you tag documents as being sensitive – and these tools can work in the background and can prevent leaks if a document is correctly tagged,” he said.
“Cyber security training should be mandatory for all organisations but humans are often the weak point in the chain.”
Threats faced by police
More than 300 police officers were murdered in Northern Ireland during the 30 years of violence known as the Troubles and officers and staff remain under threat from republican paramilitaries.
Dissident groups opposed to the 1998 Good Friday peace agreement remain committed to using violence to try to bring about a united Ireland and they consider PSNI officers to be “legitimate targets”.
One of those groups, the New IRA, has claimed responsibility for the most recent attack on an officer – the shooting of Det Ch Insp John Caldwell in Omagh, County Tyrone, in February.
He spent two months in hospital recovering from his injuries.
One serving officer told BBC News NI: “Most police officers are so conscious of their safety they don’t just go shouting their profession about the place – it’s ingrained into you from the start.”
