Norfolk and Suffolk police: Victims and witnesses hit by data breach

A total of 1,230 people, including victims of crime and witnesses, have had their data breached by Norfolk and Suffolk police forces.

The constabularies said the personal information was included in Freedom of Information (FOI) responses due to a "technical issue".

They said the data was hidden from anyone opening the files but should not have been included.

It included descriptions of offences including sexual and domestic assaults.

The forces have apologised for the breach.

They said the information was attached to 18 responses to FOI requests for crime statistics issued by the forces between April 2021 and March 2022.

The FOI responses were sent to individuals including journalists and researchers.

The data included personal identifiable information on victims, witnesses and suspects relating to a range of offences including sexual offences, domestic incidents, assaults, hate crime and thefts, the forces said.

Victims of sexual offences should have lifelong anonymity under law.

Both the Norfolk and Suffolk forces described the data as "hidden from anyone opening the files" and said they had found "nothing to suggest" it had been accessed by "anyone outside of policing".

They said the data would not have been "immediately obvious" and anyone who had received the FOI response would have "needed to know how to access the information".

All those affected are expected to be contacted by letter, phone or in person by the end of September, the forces said.

Suffolk's temporary assistant chief constable, Eamonn Bridger, who led the investigation, said once they were aware of the breach they took "immediate steps" to react and remove the data from the public domain.

"The management of information is a complex area of policing, especially when we're talking about huge volumes of data... occasionally things can go wrong.

"We're not fully completed in our internal investigation at this stage, however, we've already conducted a rapid internal review of policy and procedure to minimise the likelihood of these things happening again," he said.

He added: "I recognise the seriousness of this incident and take the opportunity to apologise that this data breach has occurred.

"I deeply regret any concern that it has caused to any member of the public."

The Information Commissioner's Office (ICO) said it was investigating the matter.

Stephen Bonner, deputy commissioner at the ICO, said: "The potential impact of a breach like this reminds us that data protection is about people.

"It's too soon to say what our investigation will find, but this breach - and all breaches - highlights just how important it is to have robust measures in place to protect personal information, especially when that data is so sensitive."

Tim Passmore, the Conservative police and crime commissioner for Suffolk, said it was a "very, very serious issue" and he needed to understand "how on earth this could have happened".

"No stone will be left unturned to get to the bottom of this. Where there are lessons to be learned and changes to be made, I give an absolute pledge that they will be put in place," he said.

It is not the first time Suffolk Police has breached victims' personal details.

In November, names and addresses of victims could be seen on the Suffolk Police website.

Follow East of England news on Facebook, external, Instagram, external and Twitter, external. Got a story? Email eastofenglandnews@bbc.co.uk, external or WhatsApp 0800 169 1830