150,000 lost UK police records looking more like 400,000 as Home Office continues to blame 'human error'

That technical issue the department said it had fixed? It didn't exist


Estimates detailing the loss of criminal evidence records by the UK Home Office and the police show the figure leaping from 150,000 to 400,000.

Nonetheless, in a statement issued on Saturday, the government department said it was working to restore the records using the magic of computer code.

"Working with the National Police Chief's Council and other policing partners, data engineers within the Home Office Digital, Data and Technology function continue to develop and test new code with the ultimate aim of restoring the data," the department said in a statement issued on Saturday.

It has so far not responded to The Register's questions about where this code would be running and where it hoped engineers could recover the lost records from.

It has also yet to answer questions about the cause for the data loss of thousands of fingerprint, DNA, and arrest records. The losses have led to fears that matches between crime scene evidence and any potential offenders may not be identified.

The Home Office initially issued a statement late on Thursday saying the data loss was down to a "technical issue", which had been resolved, a statement still live on its Twitter feed.

Though there must have been some technical resolution because by Friday the Home Office was saying it was not a technical issue after all, and in fact a "housekeeping error", as The Register reported.

Over the weekend, the Home Office issued a further statement, with Home Secretary Priti Patel saying: "Home Office engineers continue to work to restore data lost as a result of human error during a routine housekeeping process earlier this week."

In a letter published by The Guardian, National Police Chiefs' Council (NPCC) deputy chief constable Naveed Malik, lead for the organisation on the Police National Computer (PNC), said approximately 213,000 offence records, 175,000 arrest records and 15,000 person records had potentially been deleted in error.

Meanwhile, the DNA database connected to the PNC saw 26,000 records corresponding to 21,710 subjects potentially deleted in error, "including records that have previously been marked for indefinite retention following conviction of serious offences". The letter also said 30,000 fingerprint records and 600 subject records may have been deleted in error.

The PNC dates back to the 1970s. The current iteration is a Fujitsu BS2000/OSD SE700-30 mainframe based in a Hendon data centre, running Software AG's natural programming language-using ADABAS database. The UK's territorial and regional police forces, Serious Fraud Office, Security and Secret Intelligence Services (MI5, MI6), HM Revenue & Customs, and the National Crime Agency all make use of it. They have controlled and 24-hour access from remote terminals and through local police force systems.

According to Adam Smith, chair of the Software Testing Group at BCS, The Chartered Institute for IT: "In order to delete data from a live environment through a coding error, a failure needs to occur not just in the coding, but in the test design (or one of its supporting processes, such as making sure the right version of the software is in the testing environment.)

Smith added: "Even the non-critical systems are typically backed up daily, so either a failure has also occurred in the backup process, or something about the backout plan for the software change wasn't tested properly and has failed."

The BCS said in a statement: "It is likely that a developer, test analyst and release manager would all have been part of the process leading up to the failure.... The incident highlights the fact that IT practitioners should be accountable to independent professional standards." ®

Similar topics


Other stories you might like

  • Cheers ransomware hits VMware ESXi systems
    Now we can say extortionware has jumped the shark

    Another ransomware strain is targeting VMware ESXi servers, which have been the focus of extortionists and other miscreants in recent months.

    ESXi, a bare-metal hypervisor used by a broad range of organizations throughout the world, has become the target of such ransomware families as LockBit, Hive, and RansomEXX. The ubiquitous use of the technology, and the size of some companies that use it has made it an efficient way for crooks to infect large numbers of virtualized systems and connected devices and equipment, according to researchers with Trend Micro.

    "ESXi is widely used in enterprise settings for server virtualization," Trend Micro noted in a write-up this week. "It is therefore a popular target for ransomware attacks … Compromising ESXi servers has been a scheme used by some notorious cybercriminal groups because it is a means to swiftly spread the ransomware to many devices."

    Continue reading
  • Twitter founder Dorsey beats hasty retweet from the board
    We'll see you around the Block

    Twitter has officially entered the post-Dorsey age: its founder and two-time CEO's board term expired Wednesday, marking the first time the social media company hasn't had him around in some capacity.

    Jack Dorsey announced his resignation as Twitter chief exec in November 2021, and passed the baton to Parag Agrawal while remaining on the board. Now that board term has ended, and Dorsey has stepped down as expected. Agrawal has taken Dorsey's board seat; Salesforce co-CEO Bret Taylor has assumed the role of Twitter's board chair. 

    In his resignation announcement, Dorsey – who co-founded and is CEO of Block (formerly Square) – said having founders leading the companies they created can be severely limiting for an organization and can serve as a single point of failure. "I believe it's critical a company can stand on its own, free of its founder's influence or direction," Dorsey said. He didn't respond to a request for further comment today. 

    Continue reading
  • Snowflake stock drops as some top customers cut usage
    You might say its valuation is melting away

    IPO darling Snowflake's share price took a beating in an already bearish market for tech stocks after filing weaker than expected financial guidance amid a slowdown in orders from some of its largest customers.

    For its first quarter of fiscal 2023, ended April 30, Snowflake's revenue grew 85 percent year-on-year to $422.4 million. The company made an operating loss of $188.8 million, albeit down from $205.6 million a year ago.

    Although surpassing revenue expectations, the cloud-based data warehousing business saw its valuation tumble 16 percent in extended trading on Wednesday. Its stock price dived from $133 apiece to $117 in after-hours trading, and today is cruising back at $127. That stumble arrived amid a general tech stock sell-off some observers said was overdue.

    Continue reading

Biting the hand that feeds IT © 1998–2022