A data breach that has occurred involving data processed by Access Personal Checking Services (APCS) Ltd – this is the provider many of our brands use to process Disclosure and Barring Service (DBS) checks for staff and service users. 

Polaris has been working closely with APCS to identify and, if possible, personally contact anyone who may be at risk from this personal data breach after completing a DBS check at our request.

On 17 August 2025, APCS were notified by Intradev – their external software supplier – of a potential data breach on 31 July 2025. Intradev confirmed that they have been subject to unauthorised access and certain files that relate to personal data were copied from their systems during a recent cyber-attack.

The data breach mainly concerns data collected from December 2024 to 8 May 2025 (with the likelihood of some outside this timeframe). The affected data is likely to include name, date of birth, email address, postal address, place of birth, gender, National Insurance Number, Passport details and Driving Licence. APCS have confirmed that they do not store payment card details or records of any criminal convictions and therefore have not been compromised.

APCS and Polaris networks have not been compromised and all affected systems have been secured and safeguards implemented.  The incident has also been reported to the Information Commissioner’s Office

Polaris is monitoring the situation and will update here with any further information as received.

Support Available

• ICO breach reporting and advice: https://ico.org.uk/for-organisations/report-a-breach
• ICO helpline: 0303 123 1113

If you require any more information please contact Dataprotectionteam@polariscommunity.co.uk