Gwent Police investigated for failing to disclose possible compromise of personal information

Alexander J. Martin reports:

Gwent Police is being investigated after failing to inform hundreds of people that hackers may have accessed their confidential reports to the force.

Sky News has learned that up to 450 people who filed reports through an online tool over a two-year period could have been put at risk by hackers due to security flaws.

Although the tool was decommissioned after an internal security review discovered that confidential information was being exposed, the force did not inform the individuals who were affected.

Read more on Sky News. It seems that they didn’t have enough data going back far enough to determine whether the data had actually been accessed. So what happened to the “in an abundance of caution” mentality? When in doubt, they should have notified, shouldn’t they have?

US company with access to biggest telecom firms uncovers breach by nation-state hackers
Canada says hacktivists breached water and energy facilities
UK: FCA fines former employee of Virgin Media O2 for data protection breach
Former General Manager for U.S. Defense Contractor Pleads Guilty to Selling Stolen Trade Secrets to Russian Broker
China Amends Cybersecurity Law and Incident Reporting Regime to Address AI and Infrastructure Risks
Alan Turing institute launches new mission to protect UK from cyber-attacks

Related: