21 March 2019
On Saturday 9 March our systems’ security alerted us to a ransomware cyber-attack which affected many of the systems used by us, the Police Federation of England and Wales, at our headquarters in Surrey.
This resulted in us not being able to access data we hold in order to undertake our business.
One of the databases affected held personal data about you as a police officer. The National Membership Database includes the name, ranks and serving force of around 120,000 police officers up to the rank of chief inspector, along with their police email address and National Insurance number.
A second database relates to a booking system for our conference and hotel facilities in Leatherhead and includes the names, addresses, email addresses of guests who have stayed there for leisure purposes. If the stay was between 1 September 2018 and 9 March 2019 then this will also include credit card number and expiry date. This does not affect those who have stayed there as Federation representatives on courses.
A third database relates to our claims case management system. This is a data base for any members who have requested PFEW assistance for any investigation, inquiry or complaint during their service which has been dealt with by HQ at Leatherhead. This may in some cases include the member’s name, address, National Insurance number, bank details and details of the case.
We are deeply sorry that this has happened and that data we hold about you has been affected and know that this will cause you some concern.
We have instructed a leading forensics firm to help us investigate the matter. This is a complex process and will take some time. Indications are that it was not targeted specifically at PFEW and was likely part of a wider campaign. There is also no evidence at this stage that any data was extracted from PFEW’s systems, although this cannot be discounted at this stage. Whilst we consider at this stage the risk of your data being extracted or misused is low, we wanted to alert members as to the risk at the earliest opportunity.
We take data security very seriously and have a number of technical and organisational measures in place to protect the data of our members and others whose data we hold. On becoming aware of the attack we immediately reacted and put in place a number of measures in order to stop the further spread of the malware. Local Federation branches related to your force have not been affected.
We have been working with the National Crime Agency who are dealing with this incident as a criminal offence, and have been liaising with the National Cyber Security Centre and the Information Commissioner’s Office. We continue to offer every cooperation as investigations continue.
We recommend PFEW members be vigilant to suspicious emails, texts and phone calls.
Those concerned about fraud or lost data can visit Action Fraud or call 0300 123 2040.
Advice can also be obtained from the National Cyber Security Centre.
For more information please read the cyber attack FAQs on the national PFEW website