Personal details of staff released in Social Protection IT breach 

Personal details of staff released in Social Protection IT breach 
The Department of Social Protection experienced an IT breach in which information was leaked to a number of staff in the department. File picture. 
Wed, 12 Aug, 2020 - 06:10
Mick Clifford

Personal files of staff and former staff members at the Department of Employment Affairs and Social Protection were leaked in a data breach of one of the department’s IT systems. 

A malfunction in the system led to confidential information being shared with a wide number of staff in the department, the Irish Examiner has learned. 

It is unclear yet as to whether the data was available to anybody outside the department.

The leaked data included pictures of staff displaying their Personal Public Service Numbers (PPSN) and also access to elements of the personal files of staff, including those of retired or former staff members. This information was made available — inadvertently — to a large number of staff within the department. 

The leak was from the Time and Attendance administrator system in the department which deals with staff working hours and other human resource elements such as  sick leave. The information stored in the system would include medical files for personnel in the department.

One possible reason being examined for the breach was the stress placed on the department’s IT system due to a large number of staff working from home since the onset of the pandemic.

Read More

Government to plan for next nine months of living with Covid-19

The department was informed of the breach after it was brought to the attention of the trade union Forsa by one of its members in the last week. The union subsequently contacted management in the department to inform them of the breach.

In a letter to staff union members in the department last week, Forsa stated that the department’s management “responded to say that the issues raised have now been rectified with some work to be completed on the files of retired/former staff”.

The breach was not reported to the Data Protection Commissioner. There is a statutory obligation on management to determine whether any data breach is serious enough to be referred to the commissioner and whether to inform any individual whose data was compromised.

A statement issued to the Irish Examiner from the department last night confirmed the breach but did not address questions about how many staff or former staff members were affected.

 “The department confirms that this [the breach] did not involve customer data. This is under internal investigation and the department has taken remedial action to rectify the matter,” the statement read.

Read More

35 new Covid-19 cases confirmed as one person dies

x

CONNECT WITH US TODAY

Whatsapp logo

WHATSAPP

Newsletter logo

NEWSLETTERS

Notification logo

NOTIFICATIONS

Be the first to know the latest news and updates

More in this section

School bus School transport services at risk after Easter over fuel price surge, operator warns
Latest: Storm Dave grounds flights as powerful winds continue to lash Ireland Latest: Storm Dave grounds flights as powerful winds continue to lash Ireland
Fields of Ireland Public warned not to cut hedgerows during bird nesting season
data breachDepartment of Employment Affairsforsa
A man has died in hospital following a crash in Co Longford last weekend (PA)

Man dies in hospital following Co Longford crash

READ NOW

Lunchtime News

Newsletter

Keep up with stories of the day with our lunchtime news wrap and important breaking news alerts.

Latest

Most Read

Cookie Policy Privacy Policy Brand Safety FAQ Help Contact Us Terms and Conditions

© Examiner Echo Group Limited