CHESHIRE Constabulary has accidentally released the names of 850 victims of racially or religiously aggravated crime.
Victims’ identities were revealed in a Freedom of Information (FOI) response which legitimately also gave the person’s ethnicity and the offence in each case – but not addresses or dates of birth.
The data was available on the force website where all FOI responses are published. Although hidden, the details had not been removed and were accessible from within a spreadsheet.
Cheshire Constabulary has notified the Information Commissioner’s Office of the breach.
Police spokeswoman Shelley Williams said: “The constabulary takes all matters relating to the access and retrieval of personal and confidential data very seriously and any breaches of data confidentiality are investigated thoroughly.
“Although breaches of this nature are rare, on this occasion the initial assessment would indicate that an administrative error meant that confidential data, embedded via a hyperlink into another report, was made accessible via the force website.
“The link has since been removed and the matter will be fully investigated and has been referred to the Information Commissioners Office for assessment. A full review is under way to ensure that same error has not taken place in any other force data.
“We greatly regret this error has occurred and we would like to reassure the public that the Constabulary take personal victim data very seriously. We are taking all appropriate steps to rectify this limited breach of data security.”
The data breach relates to an historic FOI request answered in February 2010. The requester asked for a breakdown of crimes categorised as racially or religiously motivated but did not ask for the victims’ names. Most of the incidents were racist hate crimes, but some were religious or homophobic.
An FOI specialist, who does not wish to be named, stumbled across the problem last week and immediately alerted police.
