1. How many times have your websites, social media and IT systems or phone systems been successfully hacked/broken in to, or information copied or stolen from digital information storage centres, over the last three years (using the most up-to-date data available)? Please give details of each incident.
2. How many attempts have there been to hack/break in to the same systems over the same time period (by attempts, I mean unsuccessful efforts or those that you may have thwarted)? Please give details of each incident.
3. If you do not know the answers to questions 1 and 2, why not?
4. How many of these successful or unsuccessful/thwarted attempts (as outlined in questions 1 and 2) were by individuals, groups or organisations that you know or suspect to be terror related or have links to terror organisations? Which terror related individuals, groups or organisations were they?
5. How many of these successful or unsuccessful/thwarted attempts were by individuals, groups or organisations that you know or suspect to be illegal or carrying out illegal activities (other than the hacking)? Can you please reveal their identities?
6. What was the impact of any successful hacks/interference and what impact did it have for the public?
7. Was personal data of any member of the public at risk, or copied, or stolen? If yes, please provide specific details.
8. Please provide details of what happened in each successful or attempted hack or break-in ¿ for example, the alteration or removal of information on/from a website, the “downing” of a website or phones, or the theft or cloning of information from any digital information storage centres such as hard drives or servers.
9. Can you please send us any footage/screen grabs of any hacked websites etc?
10. What actions have you since taken to increase your security?
If the information is likely to exceed costs limits, I would be willing for it to be provided for one or two of the years (two preferably, and then one, starting with the most recent years for which you have data).
Most external attacks begin with a technique called “port scanning”, this occurs by the attacker scanning a range of ports on certain Internet IP addresses to see if any weak systems are responding. West Midlands Police’s Internet facing firewall receives approximately 300~400 requests per hour for connections that are dropped by the firewall. It is impossible to determine whether these were targeted scanning attempts or simply people scanning random Internet addresses. This behaviour and figures are normal for any Internet facing service.
Please note that researching each individual case would exceed the appropriate limit (FOIA, s.12 (1)).
The cost of compliance with your request is above the amount to which we are legally required to respond, i.e. the cost of locating and retrieving the information would exceed the appropriate costs limit under section 12 of the Freedom of information Act 2000. For West Midlands Police, the appropriate limit is set at £450, as prescribed by the Freedom of Information and Data Protection (Appropriate Limit and Fees) Regulations 2004, S.I. 3244.
A public authority which, in relation to any request for information, is relying on a claim that section 12 or section 14 applies must, within the time for complying with Section 1(1), give the applicant a notice stating that fact. In accordance with the Freedom of Information Act 2000, this letter acts as a refusal notice.