Cumbria’s police chief said a data breach which led to the names and salaries of officers and staff from Cumbria Constabulary being published online was a ‘one-off’.
Peter McCall, Cumbria’s Police, Fire and Crime Commissioner told the police, fire and crime panel for Westmorland and Furness Council that lessons had been learned from the incident.
He said there was no risk to individual personnel.
“Assurance was given and indeed accepted that the breach was only a one-off incident and learning from it has been taken onboard and processes put in place to ensure it should not happen again and I would reassure the panel that there was no risk to individual personnel as a result of that breach,” he said.
In March this year human error led to the names and salaries of police officers and staff from Cumbria Constabulary being published online.
Mr McCall added: “The procedures for accounting and accountability for that incident were followed as were the accountability framework and individuals affected were spoken to and given reassurance.”
According to The Guardian, the leak affected 1,304 police officers, 756 staff members and 52 police community support officers.
A spokesman for Cumbria Constabulary previously said: “Cumbria Constabulary became aware of a data breach on Monday March 6, 2023 where information about the pay and allowances of every police officer and police staff roles as at March 31 2022 was uploaded to the Constabulary’s website, which was a human error.
“The pay and allowance data also included names and position, however it did not contain information about where the posts were deployed from or personal details such as date of birth and address.
“This information was removed immediately after the breach was identified.
“Cumbria Constabulary immediately contacted every affected person about the data breach, explaining that the impact of this breach was low and the measures the Constabulary had put in place to manage the breach and to prevent it happening again.
“This data breach was referred to the Information Commissioner’s Office as per normal procedure for independent review. It determined that no further action was necessary and gave some advice and recommendations.
“The ICO were satisfied with the actions the Constabulary had taken and the robust steps which were put in place to prevent any further data breaches.”
