Software bug causes deletion of thousands of UK arrest records

Reports from news sources in the United Kingdom are shining a light on a rather bizarre incident. Originally reported by The Times of London, a major software bug has allowed 15,000 personal records from arrests in the UK to be deleted from the British Police National Computer (PNC) system. Most notably this software bug, believed to be a mix of human error and bad code, has eliminated vital biometric data that British police rely on for impending investigations.

The damage from this incident appears to have widespread ramifications. As reported by The Guardian, this may cause over 400,000 current crime records to be compromised by the blunder. Political pressure is mounting on Home Secretary Priti Patel to get the situation under control. Many are calling for the Home Office to give a full, transparent account of how this deletion of thousands of UK arrest records could have taken place.

In a letter addressed to the National Police Chiefs’ Council (NPCC), deputy chief constable Naveed Malik had this to say on the situation:

As the National DNA Database and the National Fingerprint Collection currently contain incomplete sets of biometric records, there is the possibility that biometric matches between crime scenes and offenders may not be identified... We are aware of a couple of instances of ‘near misses’ for serious crimes where a biometric match to an offender was not generated as expected but the offender was identified through matches between scenes. However, in these circumstances, without a direct match report to the subject, it may be more challenging for police to progress to an interview or arrest... We are also aware of at least one instance where the DNA profile from a suspect in custody did not generate a match to a crime scene as expected, potentially impeding the investigation of the individual’s involvement in the crime.

The Home Office has not been radio silent on the issue, however, as the highly publicized nature of this case has forced a response. The Home Office has told various U.K. media that they are currently working with British police to determine how much damage has been done. As far as they can find in their preliminary investigation, the Home Office believes that the deletion occurred as a result of a weekly clutter reduction in the database. The BBC, meanwhile, reported that the Home Office said that “no records of criminal or dangerous persons had been deleted.”

Featured image: Flickr/Steve Cadman

Derek Kortepeter

Derek Kortepeter is a graduate of UCLA and tech journalist that is committed to creating an informed society with regards to Information Security. Kortepeter specializes in areas such as penetration testing, cryptography, cyber warfare, and governmental InfoSec policy.

Published by
Derek Kortepeter

Recent Posts

Cybersecurity dangers when an employee goes on leave

While going on leave is good for both organization and employee, there are cybersecurity dangers…

10 hours ago

Top five complaints from remote workers — and how to respond

While many work-from-home employees enjoy the new normal, it is not without its hurdles. These…

16 hours ago

Azure AD administrative units: A go-to tool for Microsoft 365 administration

Limiting administrative scope is surprisingly difficult in Microsoft 365. Luckily, Azure AD administrative units can…

1 day ago

Data privacy regulations: Walking safely through the compliance jungle

Can businesses have a sustainable data privacy policy in a world where ever-changing compliance requirements…

2 days ago

Placing Hyper-V virtual machines on remote storage

We’ve previously showed you how to add a Windows file server to VMM. In this…

4 days ago