A file containing the personal information of more than 20,000 public officials – including police officers, firefighters, and members of the State Protection Service (SOP), which protects senior government officials – was made available online by mistake on Tuesday.
The data were accidentally leaked by a member of the Government Security Centre (RCB) through data visualiser programme ArcGIS. They included names, telephone numbers, personal identification numbers (PESEL), business and private email addresses, as well as work addresses.
Wyciekły dane ponad 20 000 funkcjonariuszy i pracowników https://t.co/pXs1XGEQ1J.:
👮🏻♀️Policji i CBŚP
🕵️♂️Służby Ochrony Państwa
🤑Skarbówki
🧯Straży Granicznej i Pożarnej https://t.co/amjkVr0GGBPlik z ich PESEL-ami i telefonami udostępniło …Rządowe Centrum Bezpieczeństwa 🙆♂️ pic.twitter.com/0eSmUFfDiQ
— Niebezpiecznik (@niebezpiecznik) April 20, 2021
Niebezpiecznik, a Polish security news website, suggests that the information – which also included employees of the tax administration, prison service, road transport inspectorate and the RCB itself – may have been a list of those who registered for COVID-19 vaccinations between 12 and 20 April.
“The file could be downloaded by ArcGIS users, who are usually ethical researchers, although it is worth emphasising that anyone can set up an account on this platform,” explained Niebezpiecznik. “This data may be of interest to the criminals that these people put behind bars.”
In response to the news, the RCB assured that “the collected data were properly secured immediately” and announced an investigation into the issue.
It has taken steps to “completely block the form and secure the list of records sent through it”, the RCB said in a press release. It was analysing the potential causes of the leak as well as “possible downloads by unauthorised entities”.
The organisation also said that it would immediately notify the Personal Data Protection Office (UODO) about a breach of personal data security, in accordance with GDPR regulations.
Krzysztof Brejza, a senator from opposition party Civic Platform (PO), “demanded an explanation” on how the “sensitive” information was disclosed, as well as who “supervises the processing of the data”.
He called for an intervention by Jarosław Kaczyński, the chairman of the ruling Law and Justice (PiS) party, who joined the government as head of a newly created state security committee during an autumn cabinet reshuffle.
Main image credit: Maciej Śmiarowski/KPRM (under CC BY-NC-ND 2.0)
Maria Wilczek is deputy editor of Notes from Poland. She is a regular writer for The Times, The Economist and Al Jazeera English, and has also featured in Foreign Policy, Politico Europe, The Spectator and Gazeta Wyborcza.
