PSNI leaks staff details in massive ‘human error’ data breach

9 Aug 2023

Image: © Shawn/

The leaked data is a concern for various officers in sensitive roles who operate under a ‘severe threat’ of terrorism.

The Police Service of Northern Ireland (PSNI) has suffered a data breach, which revealed the details of all current employees within the organisation.

The PSNI said the data was published accidentally in response to a Freedom of Information request. PSNI assistant chief constable Chris Todd said this request was to understand the “total numbers of officers and staff at all ranks and grades across the organisation”.

In a video shared by RTÉ, Todd said one worker accidentally embedded the “source data”, which contained the surnames and initials of all current PSNI employees, along with their work location and department. The initial investigation points to this being a case of “human error”, Todd said.

The leaked data also includes details of officers working in sensitive areas, including roughly 40 PSNI staff that are based with MI5, the Belfast Telegraph reports.

Todd said that PSNI staff operate in an environment that has a “severe threat” of terrorism and that this data breach is “the last thing that anybody in the organisation wants to be hearing”.

“I understand that that will be of considerable concern to many of my colleagues and their families,” Todd said.

One police officer told the BBC that many PSNI staff go to great lengths to protect their identities and would be worried by this breach.

In a statement, Todd said the PSNI was able to take the leaked information down “very quickly”. The Guardian reports that the data was available to the public for two and a half or three hours.

Todd said the PSNI has informed the Information Commissioner’s Office of the data breach.

The organisation also issued a warning to individuals who attempt to use the leaked data. “Although it was made available as a result of our own error, anyone who did access the information before it was taken down is responsible for what they do with it next,” Todd said. “It is important that data anyone has accessed is deleted immediately.”

The data of individuals continues to be a valuable resource for criminals. Earlier this year, the ransomware group ALPHV said it stole 70TB of sensitive data from a trust that is part of the UK National Health Service.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Leigh Mc Gowran is a journalist with Silicon Republic