Government agencies and public sector bodies will likely want to quickly forget about August 2023, after witnessing three major cyber incidents which exposed the personal information of UK citizens. In one incident, over 1,200 people, including witnesses and victims of crime, had their data breached due to alleged technical issues by the Norfolk and Suffolk police. This sensitive information was accidently included in Freedom of Information (FoI) responses sent to researchers and journalists.
Just a week earlier, the Police Service of Northern Ireland was forced to apologise for mistakenly revealing details of all its 10,000 staff when responding to an FoI request. At the same time, the UK's Electoral Commission revealed a cyberattack that exposed 40 million voters' data. Not only did the attack go undetected for a year, but the public was also not informed for a further 10 months.