Over 9,000 cybercrime reports filed by UK citizens have sat inside a police database without being investigated after security software mistakenly identified them as containing malicious code and placed them in quarantine.
All the quarantined reports came from Action Fraud, an official UK police website where victims can report fraud and cybercrime.
According to an audit published this week by the HMICFRS (Her Majesty’s Inspectorate of Constabulary and Fire & Rescue Services), thousands of these reports never reached police officers.
Instead, the software that scanned submissions for malware mislabeled incoming reports and set them aside, never reaching any human operator.
The issue was tracked down to an October 2018 update of the Know Fraud system that receives the reports from the Action Fraud website and then hands them over to the National Fraud Intelligence Bureau (NFIB), a database run by the City of London police.
The bug was discovered in April 2019, when the HMICFRS began an audit of UK’s police response to cyber-dependent crime.
Over 9,000…
