Police Scotland hit by over 2,800 suspected data breaches

Police Scotland has been hit by more than 2,800 suspected data breaches or data security incidents since the start of 2019, according to a new report.

The catalogue of suspected incidents dealt with by Scotland’s national police force includes unsecured email accounts, unauthorised access and, in some cases, physical security breaches.

The overall total of suspected data breaches and security incidents is the highest of any force across the UK, although not every force provided information.

The law firm behind the report said failing to address the causes of data breaches could impact the reputation of police forces and may also seriously undermine national security.

The Scottish Conservatives said the high number of suspected breaches underlined the need for the Scottish Government to “properly resource” the force.

The newly published report by Legal Expert, part of JF Law Limited, a Merseyside law firm that has been dealing with data breach claims for nearly a decade, found Police Scotland was the force most affected by data breaches anywhere in the UK.

It submitted Freedom of Information requests to every force in Scotland, England, and Wales, as well as specialist forces, asking for a breakdown of data breaches between January 2019 and November 2021, as well as the cause of them.

While just 11 of the 47 forces provided complete responses, with some not replying at all, the information provided highlights the extent of the problem.

The number of suspected data breaches at Police Scotland was the highest of any force in the UK. Picture: Andrew Milligan/PA

Read More

Read More
Police officer numbers in Scotland hit lowest level since 2008 amid claims of fo...

Across every force in the UK, there were at least 13,332 suspected data breaches or security incidents, which works out at around 19 data breaches a day.

Some 90 per cent of forces had dealt with at least one suspected data security incident, while more than half (59 per cent) had identified more than 100 suspected data breach or security incidents. Over a quarter of all police data breaches were down to email misuse, according to the report.

The data provided by Police Scotland shows there were 2,809 suspected data breaches or data security incidents.

That is by far the highest reported number of any force, although several major forces, such as the Metropolitan Police, did not disclose a total.

Some of those incidents recorded by Police Scotland were down to email misuse, as well as instances of unauthorised access or disclosure, and physical security breaches.

The report said: “Data breaches are a prominent issue for police forces and, given the number of claims made against forces, they are, potentially, a financial burden. Therefore more needs to be done across the sector to improve cyber security and data protection.”

Jamie Greene, the Scottish Conservatives’ shadow justice secretary, said: “The high number of data breaches from Police Scotland are a source of concern due to the serious security implications they can give rise to.

“Some of these breaches are the result of human error and, sadly, that is more likely when Police Scotland is overstretched due to officer numbers falling to their lowest levels since 2008 and when capital funding, including for IT systems, has been cut by the SNP Government.

“The SNP need to properly resource our police in terms of personnel, equipment and facilities – but they are currently failing to do so.”

Police Scotland have been contacted for comment.


Want to join the conversation? Please or to comment on this article.