Staff details compromised after hack on the British Transport Police website

A small number of staff details have been compromised due to a hack from the British Transport Police’s (BTP) website.

The BTP has announced that their website had been hacked. They had been made aware of “a threat to the newsroom section” of its website – which is hosted by an external supplier. The main page was not affected, but clicks on the “latest news” section directed users to a Tumblr blog run by the force.

Checks carried out by the BTP, National Crime Agency (NCA), and the National Cyber Security Centre (NCSC) discovered that only a “small number” of staff were leaked – however it remains unclear as to how much personal information were exposed.

A force spokesman said:

“This system has no affiliation with the force’s crime management or command and control systems and has not compromised the force’s operational capabilities.

“All the relevant authorities have been notified of this incident.”

The BTP, NCA and NCSC are carrying out an investigation into the hack.

Join our free-to-attend digital event, Last Thursday in Privacy, addressing data protection, privacy and security challenges including working from home, COVID-19, global regulations and more. Visit

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.

Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered.