Former officers say 'lessons not learned' from previous leaks of sensitive police data

​Two former anti-terrorist officers, who were involved in separate fatal shooting incidents, both previously spoke to the News Letter, in 2020 and earlier this year respectively, to highlight that sensitive data was not being held in a way that would prevent security blunders.

Both officers have decided to speak out again in response to the recent data breaches involving the PSNI.

Just over a week ago, personal details on all 10,000 police officers and support staff were mistakenly released in response to a routine Freedom of Information request.

The following day it emerged that police were also investigating the theft of a PSNI laptop, radio and information on 200 officers and staff from an officer’s private vehicle. On Friday, police also said a laptop and notebook belonging to a senior officer “fell from a moving vehicle” on the M2 motorway in Belfast before being recovered.

One of the former officers who spoke to the News Letter, said a major security breach in 2020 resulted in his name being released by the Coroners Service to two solicitors’ firms.

The ex-Headquarters Mobile Support Unit (HMSU) officer had been involved in a fatal shooting incident and his name had been protected by a cipher throughout the inquest process. A total of 18 police officers and one member of the security services were involved and had been guaranteed full anonymity.

Although the firms involved have declared the sensitive material was deleted as requested, the former officers claim this was the third similar incident and is a major deterrent to them engaging with the coronial system in future.

"I had to leave my job because [my details were released],” he said.

“And it has just been one mistake after another…. what confidence can you have that your data is safe?”

The former officer said he was surprised that no one, that he knows of, faced any sanctions over the breaches within the Department of Justice, and that he feared the security of information on police officers was not being taken seriously enough across the criminal justice system.

"My understanding is that no one [at the Coroners Service] was disciplined, no one was sacked,” he said.

"The PSNI said they did a risk assessment and that there was no specific threat to me [as a result of the leak], but I didn’t see the risk assessment to see if I agreed with it.”

He said he was so concerned that he considered moving house.

“The implcations of the latest leaks from the PSNI are going to be huge – they haven’t even seen it yet”.

The second former special operations officer who spoke to the News Letter was involved in the fatal shooting of IRA member Colum Marks in Downpatrick in 1991.

Although his identity was protected throughout the judicial process by the cipher ‘Officer B’, around 2018 a file containing his name and other personal details was sent to a solicitor representing the Marks family by an unknown person.

The solicitor handed the file over to the relevant authorities, but the officer had serious concerns he felt were not properly addressed by the PSNI, and that he was invited to download general security advice information from the PSNI website.

Commenting on last week’s major data breach, the ex-officer said that, apart from the widespread concerns expressed by regular officers, those involved in highly specialised roles will be worst affected.

"The biggest danger is going to be to SOB (Special Operations Branch) and the MI5 ones. And then the Catholic officers – particularly those with unusual names.”

A 50-year-old man was arrested in Dungiven, Co Londonderry on Friday by detectives investigating potential criminality linked to last week’s data breach. A 39-year-old man detained in Lurgan on Wednesday has been released pending further enquiries.

According to the Police Federation, 3,480 serving officers have expressed an interest in joining any legal action arising from the data breach – with several claiming they are now considering moving house over fears their safety has been compromised.

• ​In response to the unauthorised release of highly sensitive data on police officers in 2020, the Legacy team at the Coroners Service said a “full review” of their procedures would be carried out.

When news of the data breach was made public, a spokeswoman for the Legacy Inquest Unit (LIU) told the News Letter that they “responded to all requests for information forwarded by individuals affected by the incidents of inadvertent disclosure,” and added: “The LIU has also communicated comprehensively with the Crown Solicitor’s Office (which represents the affected individuals) in respect of these matters and continues to engage with the Office of the Police Ombudsman for NI and the Records and Information Management Team at the Department of Justice.”

The spokeswoman also said that different staff members were involved in each of the incidents in question, and that “a full review of disclosure management procedures, including looking at the responsibilities and obligations of partner Disclosure Providers, is currently underway.”

One of the former specialist police officers affected by the data breach said at the time that he hoped the Information Commissioner’s Office would be investigating the matter.However, an ICO spokesperson said yesterday: “Having checked with relevant teams, we do not appear to have record of an investigation regarding this data controller for the time frame noted. This may be due to our retention policy.”

Asked if the ICO had made any early progress in establishing how the massive data breach occurred at the PSNI’s Freedom of Information office last week – or establishing the scale of the data breach arising from the laptop theft in Newtownabbey in July – the ICO spokesperson said: “Regarding the more recent incidents, we do not have anything further to add.”