Police Federation pays £15m to officers hit by cyber attack
The Police Federation has paid out £15 million to 19,000 current and former officers who had their personal details compromised and stolen by cyber criminals.
Two huge attacks exposed the home addresses of some officers to hackers six years ago, and in March 2022 the federation admitted liability for unlawfully processing officers' personal details by not having proper protection in place.
The attacks sparked panic among rank and file officers who feared their safety had been compromised.
The federation has admitted that two recently settled group actions 'have had an enormous impact on the finances and assets of the PFEW (Police Federation of England and Wales) and the organisation could not withstand a further claim of this nature'.
Hackers accessed Police Federation systems and encrypted several of its databases during the attacks, making them inaccessible.
Now the organisation, which represents 145,000 rank and file officers, has agreed to settle the claim for £15 million, inclusive of legal and insurance costs.
It had been claimed that the names, email addresses, National Insurance numbers and ranks of around 120,000 police officers had been exposed.
A source said: 'This is a huge settlement. It caused huge concern among rank and file police officers up and down the country.'
'Agreed a settlement'
The settlement had been revealed by Monckton Chambers, the law firm.
Mukund Krishna, the chief executive officer of the Police Federation, said it was his priority to resolve the two historic action claims that 'hung over the organisation' when he became CEO in July 2023.
He added: 'At the end of last year, we agreed a settlement following the employment tribunal ruling against us regarding pension discrimination.
'I am now pleased to say that we have settled the data protection claims brought against PFEW by just under 20,000 members and former members. This claim followed two separate cyber attacks suffered by the federation over six years ago.
'The federation has taken the pragmatic view that settlement of the litigation is in the best interests of both the federation and its members.
'The negotiation of these settlements has required a huge amount of detailed work but will, collectively, provide the federation with much greater financial certainty going forward. This outcome will also allow PFEW to move on and focus all our efforts on transforming the organisation and serving the membership.'
A total of £15 million will be paid in stages, which covers all 19,159 claims for damages but also includes legal costs, expenses and the costs of insurance cover.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Reuters
20 minutes ago
- Reuters
Disorder breaks out in Northern Ireland for third straight night
BALLYMENA, Northern Ireland, June 11 (Reuters) - Public disorder broke out in Northern Ireland for the third successive night on Wednesday with videos and pictures on social media purportedly showing a fire in a leisure centre in the town of Larne after masked youths smashed the building's windows. Reuters could not immediately verify the authenticity of the clips. Hundreds of masked rioters attacked police and set homes and cars on fire 33 kilometres (20 miles) west in Ballymena during the previous two nights in what police condemned as "racist thuggery." Thirty-two officers were injured. Riot police and armoured vans blocked roads in Ballymena on Wednesday evening as a crowd of around 200 people watched on. Two rocks were thrown at a police van and one person kicked the bonnet of a police van, a Reuters witness said. The police vans slowly moved towards the crowd who were warned over a loud speaker to disperse immediately as force was "about to be used against violent individuals." The violence initially erupted after two 14-year-old boys were arrested and appeared in court, accused of a serious sexual assault on a teenage girl in Ballymena, located 45 kilometres (28 miles) from Belfast. The charges were read via a Romanian interpreter to the boys, whose lawyer told the court that they denied the charge, the BBC reported. Police are investigating the damaging of property in Ballymena as racially-motivated hate crimes.
Telegraph
27 minutes ago
- Telegraph
Rioters torch cars and attack police in Salford
A 16-year-old girl has been arrested on suspicion of assaulting a police officer after riot police tackled 'serious disorder' in Greater Manchester. There were reports of cars being set alight and bricks being thrown during the disturbance in Salford. Around 60 youths gathered on Lower Broughton Road at about 1.30pm on Wednesday, using cars and wheelie bins to block off the road. There were reports of vehicles being stolen, damaged and burnt out, motorbikes being used and bricks thrown at officers, Greater Manchester Police said.
The Independent
36 minutes ago
- The Independent
With retail cyberattacks on the rise, customers find orders blocked and and empty shelves
A string of recent cyberattacks and data breaches involving the systems of major retailers have started affecting shoppers. United Natural Foods, a wholesale distributor that supplies Whole Foods and other grocers, said this week that a breach of its systems was disrupting its ability to fulfill orders — leaving many stores without certain items. In the U.K., consumers could not order from the website of Marks & Spencer for more than six weeks — and found fewer in-store options after hackers targeted the British clothing, home goods and food retailer. A cyberattack on Co-op, a U.K. grocery chain, also led to empty shelves in some stores. Cyberattacks have been on the rise across industries. But infiltrations of corporate technology carry their own set of implications when the target is a consumer-facing business. Beyond potentially halting sales of physical goods, breaches can expose customers' personal data to future phishing or fraud attempts. Here's what you need to know. Cyberattacks are on the rise overall Despite ongoing efforts from organizations to boost their cybersecurity defenses, experts note that cyberattacks continue to increase across the board. In the past year, there's also been an 'uptick in the retail victims" of such attacks, said Cliff Steinhauer, director of information security and engagement at the National Cybersecurity Alliance, a U.S. nonprofit. 'Cyber criminals are moving a little quicker than we are in terms of securing our systems," he said. Ransomware attacks — in which hackers demand a hefty payment to restore hacked systems — account for a growing share of cyber crimes, experts note. And of course, retail isn't the only affected sector. Tracking by NCC Group, a global cybersecurity and software escrow firm, showed that industrial businesses were most often targeted for ransomware attacks in April, followed by companies in the 'consumer discretionary' sector. Attackers know there's a particular impact when going after well-known brands and products that shoppers buy or need every day, experts note. 'Creating that chaos and that panic with consumers puts pressure on the retailer,' Steinhauer said, especially if there's a ransom demand involved. Ade Clewlow, an associate director and senior adviser at the NCC Group, points specifically to food supply chain disruptions. Following the cyberattacks targeting M&S and Co-op, for example, supermarkets in remote areas of the U.K., where inventory already was strained, saw product shortages. 'People were literally going without the basics,' Clewlow said. Personal data is also at risk Along with impacting business operations, cyber breaches may compromise customer data. The information can range from names and email addresses, to more sensitive data like credit card numbers, depending on the scope of the breach. Consumers therefore need to stay alert, according to experts. 'If (consumers have) given their personal information to these retailers, then they just have to be on their guard. Not just immediately, but really going forward," Clewlow said, noting that recipients of the data may try to commit fraud 'downstream.' Fraudsters might send look-alike emails asking a retailer's account holders to change their passwords or promising fake promotions to get customers to click on a sketchy link. A good rule of thumb is to pause before opening anything and to visit the company's recognized website or call an official customer service hotline to verify the email, experts say. It's also best not to reuse the same passwords across multiple websites — because if one platform is breached, that login information could be used to get into other accounts, through a tactic known as 'credential stuffing.' Steinhauer adds that using multifactor authentication, when available, and freezing your credit are also useful for added lines of defense. Which companies have reported recent cybersecurity incidents? A range of consumer-facing companies have reported cybersecurity incidents recently — including breaches that have caused some businesses to halt operations. United Natural Foods, a major distributor for Whole Foods and other grocers across North America, took some of its systems offline after discovering 'unauthorized activity' on June 5. In a securities filing, the company said the incident had impacted its 'ability to fulfill and distribute customer orders." United Natural Foods said in a Wednesday update that it was 'working steadily' to gradually restore the services. Still, that's meant leaner supplies of certain items this week. A Whole Foods spokesperson told The Associated Press via email that it was working to restock shelves as soon as possible. The Amazon-owned grocer's partnership with United Natural Foods currently runs through May 2032. Meanwhile, a security breach detected by Victoria's Secret last month led the popular lingerie seller to shut down its U.S. shopping site for nearly four days, as well as to halt some in-store services. Victoria's Secret later disclosed that its corporate systems also were affected, too, causing the company to delay the release of its first quarter earnings. Several British retailers — M&S, Harrods and Co-op — have all pointed to impacts of recent cyberattacks. The attack targeting M&S, which was first reported around Easter weekend, stopped it from processing online orders and also emptied some store shelves. The company estimated last month that the it would incur costs of 300 million pounds ($400 million) from the attack. But progress towards recovery was shared Tuesday, when M&S announced that some of its online order operations were back — with more set to be added in the coming weeks. Other breaches exposed customer data, with brands like Adidas, The North Face and reportedly Cartier all disclosing that some contact information was compromised recently. In a statement, The North Face said it discovered a 'small-scale credential stuffing attack' on its website in April. The company reported that no credit card data was compromised and said the incident, which impacted 1,500 consumers, was 'quickly contained.' Meanwhile, Adidas disclosed last month that an 'unauthorized external party' obtained some data, which was mostly contact information, through a third-party customer service provider. Whether or not the incidents are connected is unknown. Experts like Steinhauer note that hackers sometimes target a piece of software used by many different companies and organizations. But the range of tactics used could indicate the involvement of different groups. Companies' language around cyberattacks and security breaches also varies — and may depend on what they know when. But many don't immediately or publicly specify whether ransomware was involved. Still, Steinhauer says the likelihood of ransomware attacks is 'pretty high' in today's cybersecurity landscape — and key indicators can include businesses taking their systems offline or delaying financial reporting. Overall, experts say it's important to build up 'cyber hygiene" defenses and preparations across organizations. 'Cyber is a business risk, and it needs to be treated that way," Clewlow said.
