The Child and Family Agency’s chief executive has admitted that some of Tusla’s computer infrastructure is still run off the obsolete operating system Windows 7.
It comes as Bernard Gloster told the Public Accounts Committee that the devastating cyberattack on the HSE’s computer systems last May “brought Tusla to its knees”.
Mr Gloster has told the committee that the cost to Tusla in terms of securing and reclaiming its IT systems was in the region of €8m.
He said that while most of Tusla’s systems are now back online, connectivity with email in certain rural parts of the country remains “the big problem”.
“We had two IT staff in 2017, we now have 65 moving towards 100. We have the most modern laptops. But because of our dependence on the HSE we’re still dependent on older legacy systems,” he said.
Mr Gloster said the fact that Tusla itself is monitored by the Health Information and Quality Authority (Hiqa) while it in turn inspects its own private service providers is “one of the greatest contradictions”.
“I’m a provider, I’m a purchaser, but for half of that system I’m the regulator,” he said.
“That does not make for good governance.”
He added that he has “no timeline” for when that supervisory role will transfer from Tusla to Hiqa.
Tusla, despite being independent of the HSE, maintains a dependency on the executive in terms of its IT infrastructure, a legacy issue dating back to the agency’s creation in 2014 and one Tusla is working towards rectifying.
Mr Gloster told the PAC the impact of the cyberattack of May 14 was a great deal more damaging than that of Covid-19 to Tusla’s operations.
“Covid was very extreme, but the impact of the cyberattack was much more sharp, and much more severe,” he said.
Tusla’s key IT portal, the National Childcare Information System which contains records of close to 500,000 child welfare cases for access by social workers, was the system worst affected by the cyberattack, Mr Gloster said.
“That system is very significant in terms of sensitivity. There is no evidence of data exfiltration from it, but it was severely damaged by the criminals’ encryption and the HSE shutdown,” he said.
“We had to go to backups of the system because the database on May 14 was so badly damaged it was unusable,” he added.
He said that he must remain open to the possibility that some personal data regarding members of the public with dealings with Tusla may have been leaked into the public domain as a result of the attack.
“That may still emerge,” Mr Gloster said, adding that an “extensive analysis” of the situation remains in train under the aegis of the HSE.