Police Federation Headquarters Confirms Malware Attack

21 March 2019

The Police Federation of England and Wales has confirmed that it has been dealing with a malware attack on its computer systems.

Metfriendly: YBig Prize Draw

The PFEW was able to respond quickly to an alert from its cyber-security systems on Saturday 9 March, with cyber experts rapidly reacting to isolate the malware to stop it from spreading to PFEW branches.

The incident was reported to the Information Commissioner’s Office and the National Crime Agency (NCA), which is now leading a criminal investigation into the matter.

Specialist officers from the NCA’s National Cyber Crime Unit (NCCU) are managing the ongoing criminal investigation and are working with the National Police Chief’s Council (NPCC), the National Cyber Security Centre (NCSC) and PFEW to gain a better understanding of the incident.

Since the attack PFEW has been working with experts from BAE Systems’ Cyber Incident Response division to analyse and assess the scale of the impact.

Initial indications are that the attack was not targeted specifically at PFEW and was more likely to have been part of a wider campaign.

There is no evidence at this stage that any data was extracted from the organisation’s systems, although this cannot be discounted and PFEW are taking precautions to notify individuals who may potentially be affected.

PFEW National Chair John Apter said: “We are deeply sorry that this has happened. The Police Federation takes data security very seriously and responded immediately on becoming alerted to this incident.

“Our priority has been to mitigate the damage caused by the attack and to protect the personal data of our members and others whose data we hold.

“We remain committed to representing police officers and ensuring they are supported. We have set up dedicated webpage to help officers and other individuals with any questions they may have and have directed them to where they can find guidance on the risks associated with this type of incident.

“From tomorrow (Friday) at 12pm we will also have a helpline operating for those who have concerns about what has happened,” he said.

All indications are that the malware did not spread any further than the systems based at Federation House, the organisation’s Surrey headquarters, with none of the 43 branches being directly affected.

Whilst no evidence of data extraction has been found, the PFEW has been working with the NPCC, local forces and its individual branches to ensure that as much information as possible is provided to those potentially affected.

The web address for anyone who may have concerns about the incident is – advice.polfed.org – where further assurance and advice can be found. This will be live this afternoon (Thursday).

The helpline number is 0800 358 0714. This will be live from 12pm until 6pm on Friday 22 March, from 9am to 3pm on Saturday and Sunday and then from 8am to 6pm Monday to Friday. The helpline will be staffed by security vetted personnel with experience of cyber-crime.

More to follow…

Other articles on our blog:

Did you know that you can follow us on ALL of the below Social Media Channels? We have a hugely popular Facebook Page (where it all began), a dedicated Twitter Guru, a Snapchat story that’s updated daily, an Instagram team AND a YouTube channel that we’re starting to develop. We also have UK Paramedic Humour and UK Firefighter Humour on Facebook. You can see any of them by clicking the buttons below!


Metfriendly: YBig Prize Draw