2 charged over alleged New IRA terrorism activity linked to cops' spilled data

Two suspected New IRA members were arrested on Tuesday and charged under the Terrorism Act 2000 after they were found in possession of spreadsheets containing details of staff that the Police Service of Northern Ireland (PSNI) mistakenly published online.

Brian Francis Cavlan, 49, and Rory Martin Logan, 43, appeared in Strabane Magistrates' Court on February 13, where the court heard that Cavlan had two spreadsheets containing the particulars of police officers and civilian staff.

The spreadsheet data would have orginally come from the August 2023 FoI own goal when personal information – including real names and ranks – of nearly 10,000 PSNI staff members were published in a document that was publically accessible online for several hours.

Speaking at the hearing, a PSNI officer said Cavlan had screenshots of specific parts of the spreadsheet stored on his phone and could link the charges to both men.

The officer also agreed with Cavlan's defense lawyer that it was unlikely the data had been downloaded directly from the source, saying the data appeared to have been shared "a considerable amount of times" before coming into the pair's possession, the BBC reported.

A third man, aged 44, was released from police custody after being questioned, pending a report to the Public Prosecution Service.

Logan was also charged with possessing the spreadsheets, with evidence suggesting he had them as of June 2024. He did not apply for bail, but Cavlan's bail application was rejected due to "real and evident" risks of him reoffending and his bail conditions not being managed properly. He was said to have been in possession of the data as of April 2024.

Their next court date, to be attended virtually, is set for February 25 at Omagh Magistrates' Court.

This week's arrests mark the second round in a month after two PSNI officers were bailed as part of a separate fraud investigation.

At the start of February, the PSNI said the investigation was ongoing and related to the universal compensation offer made to each affected individual, with the idea that the £500 ($615) should be spent on shoring up the officers' personal security following the breach.

• 2 officers bailed as anti-corruption unit probes data payouts to N Irish cops
• Northern Ireland cops whose info was leaked in 2023 may get £240M+ damages
• UK data watchdog wants six figures from N Ireland cops after 2023 data leak
• Northern Ireland cops count human cost of August data breach

We know the investigation relates to these payments, which were accepted by around 90 percent of offer recipients, but the PSNI has stayed mute on what exactly the alleged fraud entailed.

An official review of the data spillage was published in December 2023, highlighting how officers' mental well-being was stretched as a direct result of the concern the incident caused.

The region's complex political history, marked by periods of ethno-nationalist violence in the last century, is why many officers avoid disclosing their profession and why some have resorted to changing their names in the wake of the data leak.

Certain factions hold a longstanding belief that Northern Ireland should not be a part of the United Kingdom or controlled by Parliament in London.

The review found that in the three months following the breach, more than 50 sickness absences were recorded specifically citing the data protection gaffe, which was caused by a botched Freedom of Information request response.

An undisclosed number of officers also relocated due to safety concerns. Many more reported that they also wanted to make similar moves but didn't have the financial means to do so.

Commissioner Pete O'Doherty of the City of London Police described the incident as "the most significant data breach that has ever occurred in the history of UK policing," adding that the damage it caused was "unquantifiable." ®