UK police officers’ details exposed in cyberattack

Updated on: 14 September 2023

Gintaras Radauskas
Senior journalist

Personal details of police officers in Greater Manchester have been hacked after a third-private company that makes ID cards was hit by a cyberattack.

Hackers have targeted Stockport-based Digital ID, which specializes in supplying printers and systems for the production of ID cards and access passes. Greater Manchester Police (GMP) is one of the firm’s clients, and the ransomware attack has been confirmed.

“We are aware of a ransomware attack affecting a third-party supplier of various UK organizations, including GMP, which holds some information on those employed by GMP,” said Assistant Chief Constable Colin McFarlane.

He added that the police understood how serious the matter was but stressed: “At this stage, it's not believed this data includes financial information.”

The Sun reported earlier this month that the attack came after warrant cards and passes were introduced under a scheme, codenamed Operation Fortress, to improve security.

The boss of Digital ID was allegedly sent a ransom demand by crooks from a server abroad in August. The Sun also said the home addresses of hundreds of police officers were feared to have fallen into the hands of hackers.

What’s particularly concerning is that identities of undercover cops could also now be exposed. McFarlane said: “This is being treated extremely seriously, with a nationally led criminal investigation into the attack.”

Digital ID mostly provides customers with printers, blank cards, and accessories like lanyards so they can print and manage their own cards.

But the firm does offer printing services, too, and that’s what the GMP used, meaning the police force shared information with the company.

As a contrast, Digital ID’s customers also include the BBC, but the UK broadcaster buys blank cards and prints the details itself, in-house. It’s not clear why the GMP chose to outsource the production of its warrant cards and staff passes.