More than 20,000 details 'at risk' after police data cyber attack

Greater Manchester Policeman
GMP has not confirmed how many officers are affected but a senior officer says 20,000 details are "potentially at risk"

More than 20,000 details - including police officers' names and photos - are "potentially at risk" after a data breach, a senior officer has said.

A firm in Stockport, which makes ID cards for Greater Manchester Police (GMP), was targeted in a ransomware attack last month.

Chief Resource Officer Lee Rawlinson told a public meeting it was a "very serious event".

He said "several" forces and government departments had also been affected.

The data breach at Digital ID, which holds information on various UK organisations, is being investigated.

Mr Rawlinson told a police, fire and crime panel that the information that had "potentially gone" was "relatively low-risk", adding: "It doesn't have financial details or specific details, but obviously, it does pertain to some officers' names and in some cases photo identification.

"So we're treating it as a very serious event."

'Still waiting'

The data breach has affected other organisations, including the Metropolitan Police in London.

Mr Rawlinson said it was "part of a wider national picture", with "several police forces up and down the country as well as many other government departments that were involved in this".

"I think around 20,000-plus details had been potentially at risk. I say potentially, because we're still waiting for the company that has been breached to get as much detail of what actually has gone to us," Mr Rawlinson added.

He said the force had contacted the Information Commissioner.

The Local Democracy Reporting Service asked GMP to clarify whether the "20,000-plus" details Mr Rawlinson referred to related specifically to the force.

GMP said it was not confirming the number of officers affected at this stage as it was still notifying staff.

Some 12,000 police officers and civilian staff at the force were informed of the data breach last week.

An internal email to GMP staff on 13 September revealed the name of the contractor where the breach happened as Digital ID.

The Stockport-based company has been contacted for comment.

Why not follow BBC North West on Facebook, X and Instagram? You can also send story ideas to