In a cyber-attack that has struck two of Britain's most well-known police forces, an expert has warned of a high probability that the personal details of tens of thousands of public sector workers may have been compromised.
Last month, the Metropolitan Police (Met) was also hacked similar to that which hit Greater Manchester Police (GMP) on Thursday. The hacking also affected nearly 12,500 officers and staff of Met last month.
A third-party supplier used by both police forces is believed to have been compromised by the ransomware attack that stole the information contained on the warrant cards of officers – including their names, ranks, photos and serial numbers – at the time.
There was a breach at a Stockport-based company, Digital ID, that produces identity cards and lanyards for several UK organizations, including several NHS trusts and universities, which the National Crime Agency said has been the subject of a criminal investigation.
According to the message, the attack 'includes data of personnel that work for the public sector and other organisations throughout the UK including GMP and the Metropolitan Police', and the attack also violated the security of several other organisations.
As a result of the investigation, investigators have begun making conclusions about the possibility of names, ranks, photos, and serial numbers being accessed from the badges.
There was a massive security breach of the Met Police last month, causing officers and staff to be hacked in an unprecedented manner.
In the wake of a cyber crook's breach of the IT systems of a contractor printing warrant cards and staff passes, all 47,000 military members were warned of the possibility their photos, names and ranks been stolen.
After becoming aware of the incident last month, Digital ID said it notified cyber experts who notified the company. According to the company, most of its clients purchase its printers and produce ID cards at their own offices, which means that there is no need to transfer huge amounts of employee data to third parties, as most clients buy its printers and print ID cards on-site.
Some clients, however, are still providing employee data to Digital ID so that it can print employee cards for them. It is understood that these customers include the Metropolitan Police as well as the General Medical Council.
According to a source, most of these identity cards were inactive when they left Digital ID's headquarters, which is where they were created. Despite such clearly visible security measures, it appears that cyber-attackers have somehow managed to access the data produced by the system.
The highly sensitive nature of the work conducted within the policing system at both forces will lead to serious security concerns due to the high number of officers and staff employed by both forces, which have the most active counter-terrorism units in the country.
Scotland Yard was alarmed once again last month after a massive breach of security that exposed the names, pictures, and other personal information of officers. It has been revealed that 10,000 people belonging to the Northern Ireland police service had their personal data mistakenly disclosed earlier in August.
Hackers are believed to have stolen the names and photographs of police officers in a massive security breach at the Met at Scotland Yard. After hackers successfully penetrated the IT systems of the contractor printing the warrant cards and staff passes for the force, 47,000 employees were notified of the data leak.
It was also feared that the information taken may include information regarding the vetting process and identification numbers. The NCA issued a report about the possibility of terrorists or organised gangs using the stolen data for their malicious purposes.
According to reports, the National Crime Agency was contacted over concerns that terrorists or organised gangs may be able to use the stolen data to commit acts of terrorism. Levels of vetting, as well as ID information, were feared to have been among the information taken.