Thousands of UK police officers have fallen victim to a cyberattack on a third-party supplier, resulting in the theft of their personal information. Greater Manchester Police (GMP), one of the largest police departments in the country, confirmed that the attack targeted Stockport-based identity card maker Digital ID, the supplier of their employee identification cards.
A cyberattack on a third-party supplier has resulted in the theft of personal data belonging to thousands of UK police officers. The type of information accessed has not been disclosed, but financial data is reportedly unaffected. The incident is being treated with utmost seriousness, and a national criminal investigation is underway.
Details of the Attack
The full extent of the data breach is yet to be determined, but GMP has assured its employees that no financial information has been compromised. Although exact numbers remain undisclosed, it is believed that the personal details of approximately 20,000 individuals have been stolen. GMP has taken the matter seriously, involving the Information Commissioner’s Office and launching a national criminal investigation into the incident.
Involvement of Digital ID
Digital ID, which serves over 22,000 customers worldwide, including GMP, has neither confirmed nor denied being the target of a ransomware attack. The company prints employee identification cards and thus requires access to personal information from its clients. Despite inquiries, both GMP and Digital ID have refused to divulge the type of data accessed.
Other Incidents Involving Suppliers
This is not the first incident where a supplier’s IT system has been compromised, resulting in a data breach affecting UK police departments. Last month, London’s Metropolitan Police reported a breach that exposed sensitive information belonging to their officers and staff. The supplier responsible for the breach was not named.