We’ve taken cases on with our No Win, No Fee policy for victims of the recent Police Federation of England and Wales data breach incidents.
The cyber attacks that hit the PFEW took place in March 2019; the first on 9th, and the second on the 21st. Neither were thought to have been specifically targeting PFEW and are understood to have been part of a wider malware incident.
PFEW has confirmed that they’re unable to rule out that information has been exposed. As they’re unable to rule it out, we can take claims for data breach compensation forward for anyone suffering distress as a result of the incident. There could be as many as 120,000 police employees that have been hit by the breaches.
Police Federation of England and Wales data breach incidents are serious
We must recognise that that the two Police Federation of England and Wales data breach incidents are serious. Even if the PFEW believes that information hasn’t been exposed, they cannot rule it out. We know that the environment within many police forces is stressful because of the continual funding issues they’re suffering from. A lot of officers are under increasing pressure, and this kind of data breach incident doesn’t help.
Some 120,000 employees spanning over 40 different forces could have been affected. This is a significant incident, and if information has been exposed, this could lead to severe distress for victims. The exposure of identities and personal information for some officers could be serious.
As the incident wasn’t specifically targeting PFEW, this could be a similar attack to the 2017 WannaCry one. The malware at the centre of the WannaCry incident targeted older and more outdated systems that were easier to breach.
Police Federation of England and Wales data breach investigations underway
The investigations into the two Police Federation of England and Wales data breach incidents are underway. Both the ICO (Information Commissioner’s Office) and the NCA (National Crime Agency) are looking into the malware attack. The NCA is leading the investigation and the ICO could fine PFEW millions of pounds in accordance with GDPR.
Two key aspects of the investigation should be to determine:
- If any information has been exposed, and if it has, what information has been exposed; and
- What (if anything) could have been done to have prevented the incidents taking place.
If more could have been done to have prevented the incidents, the ICO may then have reason to impose a fine. The question as to how there are two separate incidents is also one that needs addressing. Could, at the very least, the incident that took place on the 21st March 2019 have been prevented after the initial one took place on the 9th?
As well as our own investigations for the claims we have taken forward, we’ll be keeping a close eye on the NCA and ICO investigations as well.
IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.
Request a Callback from our team!
Fill out our quick call back form below and we’ll contact you when you’re ready to talk to us.
All fields marked * are required.
You have the right to object to the processing of your personal data.