Warnings Issued on Potential Neighbourhood Watch Data Breach

share
Header image

Warnings Issued on Potential Neighbourhood Watch Data Breach

share

Anomaly in management tools could have allowed data to be visible and extracted.

Contact details of up to 200,000 may have been breached after a vulnerability was discovered in Neighbourhood Watch scheme management tools.

The police-backed alert system ‘In The Know’, used by Lancashire Police and Lancashire Fire & Rescue, is used to inform residents across Lancashire about recent crimes, safety advice and details of police events and operations.

It is possible that names, email addresses and telephone numbers were exposed. Chris Davis, managing director of In The Known operator VISAV said as soon as it became aware of the loophole, immediate action was taken to fix the issue. 

"The anomaly was fixed immediately, and we decided to proactively and transparently notify every member of our system to inform them and provide guidance, including the 200,000 members that may have been impacted,” Davis told local news.

“We have also reported the issue to the regulator to support our own intensive investigation, launched with the support of external IT experts, and help prevent future risks.”

In an email to impacted members, Davis said there is no evidence that data was compromised, but acknowledged it could have been possible for a newly registered coordinator to inappropriately access the contact list of a scheme before it was approved.

He said: “We are confident that only a very small number of individuals accessed this information, and this was only to confirm the existence of the anomaly. We are working with the police to gather more information about these individuals and will update you on the developments.”

A spokesman for Lancashire Constabulary confirmed that no police databases were involved in the breach.


Written by
Dan Raywood
Dan Raywood

Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.

Data Security Published: 25 April Written by
Dan Raywood
Dan Raywood

Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.

Upcoming Events

No events found.

Related content

Report: UK cyberattacks grow faster than global rate

Report: UK cyberattacks grow faster than global rate

 Novel CyberStrikeAI tool exploited in attacks

Novel CyberStrikeAI tool exploited in attacks

 Industry urges reform to retain women in tech

Industry urges reform to retain women in tech
NCSC flags heightened threat in Middle East

NCSC flags heightened threat in Middle East

 Europe moves toward teen social media limits

Europe moves toward teen social media limits

 Data Privacy in the Age of AI

Data Privacy in the Age of AI
EU flags TikTok, alleging addictive app design

EU flags TikTok, alleging addictive app design