PSNI chief admits officers anxious and angry at data breach

Northern Ireland's police chief has said he is "deeply sorry" about two "industrial-scale" breaches of internal data, revealing the identities of thousands of his officers and staff.

The Police Service of Northern Ireland (PSNI) mistakenly shared details about 10,000 of its employees on Tuesday.

Details of a second data breach from July emerged less than 24 hours later.

Chief Constable Simon Byrne said a PSNI unit set up to support staff had already received over 600 referrals.

Police officers have told their bosses that they are worried about their safety after the incidents.

The breaches have caused shock among officers, many of whom try not to reveal their occupation to people, including their friends and family, due to security reasons.

In the most recent major attack in February, an off-duty senior detective suffered life-changing injuries after being shot several times by dissident republican paramilitaries.

Mr Byrne said he had spoken to his officers and staff and had realised that some were "anxious, frustrated and really, really angry".

"You can only imagine the unconscionable horror as people start to realise that maybe a loved one is put in jeopardy by what they are seeing," he said.

Regarding a claim by dissident republicans that they had obtained the staff list, Mr Byrne said the PSNI had "not been able to verify the substance behind that".

He said he would not resign amid the crisis and offered an apology from himself and his senior team.

"Leadership is not about walking away - it's facing up to responsibility," he said.

"We need consistency and calm heads to lead us through an unprecedented crisis."

Morale within the PSNI is at rock bottom and one big, immediate job for Simon Byrne is restoring his officers' trust in the force.

But the problems don't end there.

Law firms are already making it known that they will represent officers and civilian staff who have had their identities revealed in these data breaches.

With more than 10,000 people affected, the potential bill for compensation could run to tens of millions of pounds.

That would be hugely problematic not just for the PSNI but the wider budget for public services in Northern Ireland.

Mr Byrne was speaking after facing questions in an emergency meeting of the Northern Ireland Policing Board, the independent organisation which scrutinises the work of the PSNI and holds its senior management to account.

The chief constable had returned early from a holiday abroad for the behind-closed-doors meeting on Thursday.

In a press conference after the meeting Mr Byrne acknowledged that the PSNI could face a financial hit if it was required to update its data systems, pay compensation or face a fine from the Information Commissioner's Office.

The chief constable confirmed that no officers had been moved from their homes due to safety concerns after the data breaches.

But he said that the force was assessing whether some specialist officers should be redeployed "away from their usual place of work to a new location".

Policing Board members also heard from the Police Federation, a union representing rank-and-file officers, and the Northern Ireland Public Service Alliance, which represents civilian PSNI workers.

The members "were left in no doubt that this breach has left many staff shocked, worried and angry," said Deirdre Toner, chair of the Policing Board.

"This breach has been identified as due to human error, with very serious consequences," she added.

Ms Toner said the board had impressed upon the PSNI's senior management "the need to ensure every necessary step will be taken to reassure and protect affected staff, and to put the safeguards in place that will ensure this cannot happen again".

The Police Federation said "several hundred" officers had already told their managers they were "concerned and worried" by this week's developments.

In the biggest data breach, described as "monumental" by the union, information about every PSNI officer and civilian employee was mistakenly published in response to a Freedom of Information request.

The information appeared online for three hours on Tuesday and led to the PSNI updating security advice to its officers and staff.

The surname and first initial of every employee, their rank or grade, where they are based and the unit they work in, including sensitive areas such as surveillance and intelligence, were included.

Information about the second data breach, involving the theft of a spreadsheet with the names of 200 officers and staff, emerged on Wednesday.

The PSNI said documents, along with a police-issue laptop and radio, were believed to have been stolen from a private vehicle in Newtownabbey, County Antrim, on 6 July.

The police have since confirmed that they were able to remotely wipe both of these devices and are confident that information on them would not be accessible by a third party.

However, at Thursday's Policing Board meeting ACC Todd revealed that there was a three-week gap between the PSNI laptop being stolen and the theft being reported to his office.

He explained that the information "came through to our security on the 27th and I dealt with it immediately after that, as soon as it came to my attention".

"The gap in between is part of an ongoing investigation," ACC Todd added.

Alliance assembly member Nuala McAllister described Thursday's meeting as "long and intense" but that questions remain about how the data breaches were allowed to happen.

Policing Board member Mark H Durkan said the claim that dissident republicans have information on police officers in the wake of the breaches is "very alarming" and "sadly inevitable".

The Ulster Unionist Party's Mike Nesbitt said some clarity had been provided on how Tuesday's breach came about, saying it was partly a systemic error and partly human error.

He told BBC Radio Ulster's Evening Extra that one of his concerns is possible effects on intelligence gathering.

Informants, he said, might "think twice" about continuing to engage with police, given that "they can't even keep secure information about their own [officers]".

Sinn Féin assembly member Gerry Kelly said the Policing Board had made the point "forcefully" that the PSNI must now work to assess the differing levels of risk faced by individual officers.

The Democratic Unionist Party's policing spokesperson Trevor Clarke acknowledged that the chief constable had "fronted up and apologised" but that "among those directly affected inside and outside [the PSNI] he will ultimately be judged on actions, not words".

Sign up for our morning newsletter and get BBC News in your inbox.