Victims and witnesses hit by Norfolk and Suffolk Police data breach as forces apologise to more than 1,000 affected

15 August 2023, 13:17 | Updated: 15 August 2023, 13:22

More than 1,000 people have been hit by a data breach after Norfolk and Suffolk police inadvertently released their details.

The data was breached in a “very small percentage” of Freedom of Information (FOI) request responses between April 2021 and March 2022.

The forces attributed the leak to a “technical issue” and have since issued an apology to those affected.

It included identifiable information on 1,230 people - including victims, witnesses, and suspects on offences ranging from sexual offences to hate crimes and thefts.

Suffolk Police said that the information breached was “hidden” in an Excel spreadsheet and a person opening the files would need to know what they were looking for to access the data.

The forces said they had found “nothing” so far to suggest anybody outside of policing had accessed the information.

It comes after it emerged last week the Police Service of Northern Ireland (PSNI) had also been hit by a data breach as a result of responding to an FOI request, which affected some 10,000 officers and staff members of the force.

Read more: Worker who died in 'machinery incident' at Everton's new stadium named as 26-year-old fan of Premier League club

Read more: Drug dealer who shot and poured acid on father-of-two says he is 'knight in shining armour' as 'victim raped girlfriend'

In a joint statement on Tuesday, Norfolk and Suffolk police said: “Norfolk and Suffolk Constabularies have identified an issue relating to a very small percentage of responses to Freedom of Information (FOI) requests for crime statistics, issued between April 2021 and March 2022.

"A technical issue has led to some raw data belonging to the constabularies being included within the files produced in response to the FOI requests in question. The data was hidden from anyone opening the files, but it should not have been included."

They also added that those affected by the breach will be contacted by letter, phone, and face-to-face, depending on the personal data leaked.

"We expect this process to be complete by the end of September. We will be notifying a total of 1,230 people whose data has been breached,” they added.

Assistant chief constable of Suffolk Police, Eamonn Bridger, apologised for the incident and said: "We would like to apologise that this incident occurred, and we sincerely regret any concern that it may have caused the people of Norfolk and Suffolk."

An investigation has been opened by data watchdog the Information Commissioner’s Office (ICO).

It is not the first time the Suffolk force has breached victims’ details, as the names and addresses of victims were inadvertently released on their police website last November.