Security News > 2024 > March > Cop shop rapped for 'completely avoidable' web form blunder
The London Mayor's Office for Policing and Crime is being rapped by regulators for untidy tech practices that made public the personal data of hundreds of people who filed complaints against the Metropolitan Police Service.
Between November 11-14 2022, an unnamed employee of the GLA had meant to permit four colleagues access to data shared via the web forms but instead made both forms open to anyone on the internet.
Upon closer inspection, it realized that users could see "Everything that had been submitted via web form, including name, address and reason for submitting compliant," said the ICO. Due to the subject matter of the information exposed, MOPAC contacted the 394 people involved to let them know their "Data had been made available in error," the regulator said.
Further recommendations around information governance and data protection training were uttered by the ICO to maintain compliance with the UK GDPR. "This means highly personal and sensitive information could have been seen publicly," said Anthony Lehman, director for the regulator.
UK biometrics boss bows out, bemoaning bureaucratic blunders Yet another UK public sector data blab, this time info of pregnant women, cancer patients Home of the world's longest pleasure pier joins public sector leak club Greater Manchester Police ransomware attack another classic demo of supply chain challenges Northern Irish cops release 2 men after Terrorism Act arrests linked to data breach.
Cops' fingerprints have been all over data gaffes in recent times, whether that be for mixing up two people's data with serious consequences, or leaking data on their own officers, most notably - but not exclusively - in Northern Ireland last year.
News URL
https://go.theregister.com/feed/www.theregister.com/2024/03/15/cop_shop_rapped_for_web/