Personal details of more than 1,000 people, including crime victims, were included in Freedom of Information (FoI) responses issued by Norfolk and Suffolk Police, the forces said.
In a statement, the two East Anglian police said a “technical issue” meant raw crime report data was included in a “very small percentage” of FoI responses issued between April 2021 and March 2022. .
It is the latest data breach involving police responses to FoI requests, after the Northern Ireland Police Service released a document that included the names and other details of around 10,000 officers and staff.
A joint statement read: “Police in Norfolk and Suffolk have identified a problem related to a very small percentage of responses to Freedom of Information (FOI) requests for crime statistics issued between April 2021 and March 2022.
“A technical problem has led to some raw data belonging to police officers being included in the files produced in response to the FOI requests in question. The data was hidden from anyone who opened the files, but should not have been included.
“The affected data was information held in a specific police system and related to crime reports. The data includes personally identifiable information about victims, witnesses, and suspects, as well as descriptions of crimes. It was related to a variety of crimes, including domestic incidents, sexual crimes, assaults, robberies and hate crimes.
“A full and thorough analysis of the affected data has now been completed, and today we begin the process of contacting those individuals who need to be notified of an impact to their personal data.
“This will be done by letter, phone, and in some cases face to face, depending on what information was affected and what support is required.
“We expect this process to be complete by the end of September. We will notify a total of 1,230 people whose data has been breached.”
The watchdog investigates
The Information Commissioner’s Office (ICO) data watchdog is investigating.
Stephen Bonner, ICO Deputy Commissioner, said: “The potential impact of a breach like this reminds us that data protection is about people. It’s too early to say what our investigation will find, but this breach, and all breaches, highlights how important it is to have strong measures in place to protect personal information, especially when that information is so sensitive.
“We are currently investigating this breach and a separate breach was reported to us in November 2022.
“In the meantime, we will continue to support organizations to get adequate data protection so that people can feel confident that their information is safe.
“If you have concerns about the way your information has been handled, you can get advice on what to do on our website.”