Revenue Commissioners had more than 370 data breaches in past 18 months

The Revenue said there had been 256 data breaches throughout last year, with a further 119 in the period from January to June 2023.

A database, released under freedom of information, shows the most common types of incident were staff data getting sent to the wrong recipient within Revenue, or taxpayer data getting disclosed to third parties.

There were a large number of breaches due to mix-ups between family members, or where partners had split up.

In one case, two brothers each received the other’s tax information after an incorrect tax reference number had been provided to one of their employers.

In another case, Revenue staff data was viewable by other colleagues due to what was described as an “error by [a] third party”.

One case saw taxpayer data disclosed to a former member of staff by accident while a large number of breaches were reported where data was sent to the wrong firm of accountants or tax agents.

One entry in the database detailed the disclosure of a taxpayer’s data to a Government department in error while another case saw a taxpayer’s details made available to an ex-spouse due to a Revenue mistake.

There was also a case where two taxpayers each had access to one another’s information due to a mix-up by an employer, according to the records.

Among the most serious breaches logged by Revenue was a case involving the “failure by [an] ex-staff member to return encrypted devices and files”.

A spokeswoman said the Revenue Commissioners held and processed a huge amount of data as part of its core work.

She said: “A relatively small number of data breaches, mainly caused by human error, occur from time to time.

“The risk of human error cannot by its nature be totally eliminated, but Revenue strives to minimise and manage such risk.”