Greater Manchester Police has said one of its suppliers has been hit by a cyber attack that could have given the attackers access to information on its employees.
It has published a statement in which Assistant Chief Constable Colin McFarlane said: “We are aware of a ransomware attack affecting a third party supplier of various UK organisations, including GMP, which holds some information on those employed by GMP.
“At this stage, it’s not believed this data includes financial information.
“We understand how concerning this is for our employees so, as we work to understand any impact on GMP, we have contacted the Information Commissioners Office and are doing everything we can to ensure employees are kept informed, their questions are answered, and they feel supported.
“This is being treated extremely seriously, with a nationally led criminal investigation into the attack.”
According to a report from the BBC, the primary victim of the attack was a company that makes identity cards for the force.
The news has drawn a public response from the Information Commissioner's Office. Its head of cyber security investigations, Elizabeth Baxter, said:
“Police officers and staff expect their information to be kept secure, and are right to be concerned when that doesn’t happen. This incident has been reported to us, and we’ll now be looking into what happened, and asking questions on behalf of anyone affected.
“Organisations must look after employee information, particularly in sectors where the impact of a data breach could be greater. The ICO works to support organisations to get this right so people can feel confident that their information is secure.”
The data breach is the latest in a spate affecting public sector organisations, and has come soon after the Metropolitan Police reported that one of its suppliers has been hit by a cyber attack.