Personal details of thousands of police officers and staff from Greater Manchester Police have been hacked from a company that makes identity cards, the second such cyberattack to affect a major British police force in less than a month.
Details on identity badges and warrant cards, including names, photos and identity numbers or police collar numbers, were stolen in the ransomware attack, Greater Manchester Police said Thursday. The third-party supplier was not identified.
The force said no home addresses of officers or any financial information about individuals was stolen.
“This is being treated extremely seriously, with a nationally led criminal investigation into the attack,” Assistant Chief Constable Colin McFarlane said in a statement.
Britain’s National Crime Agency is leading the investigation into the ransomware attack.
The federation that represents officers in Greater Manchester said it is working with the police force to limit the damage.
“Our colleagues are undertaking some of the most difficult and dangerous roles imaginable to catch criminals and keep the public safe,” said Mike Peake, chair of the Greater Manchester Police Federation. “To have any personal details potentially leaked out into the public domain in this manner — for all to possibly see — will understandably cause many officers concern and anxiety.”
The attack follows the news on Aug. 26 that London’s Metropolitan Police suffered a similar security breach involving one of its suppliers. It also referred the incident to the National Crime Agency.
The breaches follow an incident in July in which the Police Service of Northern Ireland acknowledged that it had inadvertently published personal information of more than 10,000 officers and staff in response to a freedom of information request.
Officials fear the information has been obtained by Irish Republican Army dissidents who continue to mount occasional attacks on police 25 years after Northern Ireland’s peace accord.