Investigation Launched into Police Ombudsman for Northern Ireland Data Breach

An investigation has been launched following a data breach at the Police Ombudsman for Northern Ireland (PONI) that exposed the personal details of over 150 current and former staff members. The breach occurred when a document containing employee information was inadvertently released to 22 individuals who were being considered for investigator positions at the ombudsman’s office.

The leaked information included the first name initial and last name of all staff members employed at PONI as of May 2022, along with details of their employment status such as part-time, agency, contracted, or seconded. The document also revealed information about staff members who had resigned, were due to retire, on career breaks, moving between teams, or new starts.

Chief executive Hugh Hume notified staff members of the breach, and immediate action was taken to mitigate the situation by contacting those who received the document in error. So far, 12 of the 22 individuals have confirmed that they have deleted the email and associated documentation.

This is not the first data breach incident involving law enforcement in Northern Ireland. Previously, the Police Service of Northern Ireland (PSNI) faced scrutiny when partial names and other details of 10,000 PSNI staff members were accidentally released in response to a Freedom of Information request. The released information later fell into the hands of dissident republicans after being online for three hours.

In a separate incident, a PSNI laptop and notebook were lost when they fell from a moving vehicle on the M2 motorway outside Belfast. The PONI office has apologized for the breach and is working with the Information Commissioner’s Office to investigate the incident and implement necessary recommendations to prevent future breaches.