Header image

Warnings Issued on Potential Neighbourhood Watch Data Breach

Anomaly in management tools could have allowed data to be visible and extracted.

Contact details of up to 200,000 may have been breached after a vulnerability was discovered in Neighbourhood Watch scheme management tools.

The police-backed alert system ‘In The Know’, used by Lancashire Police and Lancashire Fire & Rescue, is used to inform residents across Lancashire about recent crimes, safety advice and details of police events and operations.

It is possible that names, email addresses and telephone numbers were exposed. Chris Davis, managing director of In The Known operator VISAV said as soon as it became aware of the loophole, immediate action was taken to fix the issue. 

"The anomaly was fixed immediately, and we decided to proactively and transparently notify every member of our system to inform them and provide guidance, including the 200,000 members that may have been impacted,” Davis told local news.

“We have also reported the issue to the regulator to support our own intensive investigation, launched with the support of external IT experts, and help prevent future risks.”

In an email to impacted members, Davis said there is no evidence that data was compromised, but acknowledged it could have been possible for a newly registered coordinator to inappropriately access the contact list of a scheme before it was approved.

He said: “We are confident that only a very small number of individuals accessed this information, and this was only to confirm the existence of the anomaly. We are working with the police to gather more information about these individuals and will update you on the developments.”

A spokesman for Lancashire Constabulary confirmed that no police databases were involved in the breach.


Dan Raywood
Dan Raywood Senior Editor SC Media UK

Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.

Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.

Dan Raywood
Dan Raywood Senior Editor SC Media UK

Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.

Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.

Upcoming Events

No events found.