An investigation is underway into a data protection breach by the GAA in which personal details of thousands of season ticket holders were mistakenly circulated to other customers.
On Monday, 223 people received an email from the GAA which contained an embedded link. This allowed people access to an extensive list of season ticket holders.
The details included the name, address and email contact for 7,386 other season ticket holders.
No financial details were visible. The list was available for less than an hour before the error came to light.
The Data Protection Commissioner confirmed it had been notified on Tuesday morning. It said it had established some key matters surrounding the breach.
“The GAA has confirmed to us in a report on Wednesday that it inadvertently circulated this email to 223 individuals.
The email contained a link which provided access to the data (name, address and email address) of 7,386 season ticket account holders. “We are advised that the link was only active for 44 minutes,” it said.
The GAA wrote to affected people on Thursday to say that the mistake was a result of human error.
The Data Protection Commissioner said the GAA has stopped circulating such links to avoid the leak happening again. It said the association’s new protocols are in line with its code of practice.
The GAA said it had treated the matter with the “upmost seriousness” and had worked with the commissioner to ensure the error would not happen again. It said it had endeavoured to contact the affected parties as quickly as possible.
© Irish Examiner Ltd. All rights reserved