I am contacting you to let you know that on Saturday 13th April 2024, we identified a technical anomaly within the Neighbourhood Watch scheme management module of the Alert system. This anomaly represented a potential risk to some of your data (as detailed below).
What was the issue?
It was possible for a new registered member to create a scheme, claim to be a Coordinator, map the area the scheme covers, and via an unusual series of steps see limited user-data without being authorised to do so by NW.
There is no evidence from our investigation that any data has been used for any malicious or fraudulent purpose, only that a small number of individuals were interested in verifying that the anomaly existed so it could be highlighted and removed. However, inline with our core values of transparency, data integrity and honesty, we are registering the incident with the Information Commissioner’s Officer as a breach, notifying you of the details and what you need to do about it.
What information was at risk?
The information potentially disclosed was restricted to full name, first line of the address, email and (if added), telephone number and small profile picture of members that were opted-in to NW and registered within the mapped scheme area.
What measures have been taken?
· The anomaly was fixed and tested within an hour of being identified by our technical staff.
· All vetted and trained NW Multi Scheme Administrators (MSA’s) across England & Wales have been contacted by NW central support team, reinforcing the national guidance on approved schemes. They have been asked to work through their local schemes to ensure that they are all legitimate and correctly authorised.
· The ability for ANY NW Coordinator to see potential members registered within their approved scheme area has been removed. A new more restricted process to support scheme growth is under review.
· We are reporting the incident as a personal data breach to the data regulator (ICO).
What should you do now?
Although the probability of your data having being viewed by a non-authorised Coordinator is extremely low, there are steps you can take to reduce any impact on you.
Be wary of any contact you receive either in person, by email or phone call from anyone you do not already know to be your local NW Coordinator.
Verify the scheme: Before disclosing any information, check that the scheme is approved and therefore listed on the England & Wales scheme register accessible via the Our Watch Website: https://www.ourwatch.org.uk/get-involved/find-my-local-scheme
Scheme not listed but appears legitimate: A small percentage of schemes have elected not to be shown on the website directory for various legitimate reasons. If you cannot find the scheme you wish to verify, please email the NW Central Support Team at
Check your sharing permissions: Your sharing permissions within the Alert system are important, they keep you in control of who can see your details. If you would rather not share your contact information with any representative of Neighbourhood Watch, please use the survey button below to advise us of this and we will action your request promptly. Alternatively, click the settings button below and review/update your current sharing permissions with all partners instantly.
We will remind you: Every three months, we include a section at the bottom of a current Alert message which shows you your current opted-in sharing settings. Please take note and check you are happy with these settings.
Remain vigilant: As with any online account or contact from strangers, do not be pressured into disclosing details, do not be rushed into making decisions and “take five” to consider if the contact makes sense. If it feels a bit suspicious, it probably is. Remember if you have received an email which you’re not quite sure about, forward it to the Suspicious Email Reporting Service (SERS):
Neighbourhood Watch
We feel it is important to add that the anomaly identified is on us (VISAV Limited) as the system builders. We hope that this incident does not reflect on Neighbourhood Watch, the members, Coordinators, MSAs or the Central Support Team, all of which do a superb job, mainly as volunteers and are entirely motivated to keep people safe and fight crime.
The Neighbourhood Watch movement have worked hard, particularly over the last few years to improve procedures, introduce MSA vetting and manage the large network of schemes across the UK.
Please continue to support your local Neighbourhood Watch, use the national register on OurWatch.org.uk to find your local verified scheme and get involved in the superb work they are doing in your community.
Privacy and Security
Professionals in data and cyber security understand that threats to privacy are continuously evolving. Businesses must respond swiftly, take these threats seriously, and ensure everyone is informed and protected. Privacy and the protection of your data is a fundamental principle to us, as is ensuring that you are in control of who you share your data with and for what purpose. We continue to ensure this by undertaking external GDPR and security accreditation including IASME Cyber Assurance and Cyber Essentials Plus, and by ensuring that our platform functionality and members tools are in line with ICO regulations.
Support
If you are concerned about this incident and would like to talk to a member of our support staff about this incident, please feel free to contact us on our UK helpline number 0115 924 5517 (option 1) during office hours or anytime by email to
Summary
We immediately addressed and resolved this anomaly. Since then, we have been thoroughly investigating the incident's scope and impact, including seeking professional advice. We are notifying you promptly of the possibility that your contact details may have been exposed. We are here to answer any questions and provide support, and we will keep you informed of any further relevant developments.