Tusla to contact 20,000 people whose data was compromised in 2021 cyberattack

RSS

Syndicated Content

Published: Mon 20 Feb 2023, 2:39 PM

Last updated: Mon 20 Feb 2023, 3:11 PM

By Gráinne Ní Aodha, PA

Tusla is to begin contacting around 20,000 people whose data was compromised in the 2021 HSE cyberattack.

The child and family agency said there was no indication the data had been published online, but they would continue to monitor the situation.

It said the information of some people using Tusla services and a “small number” of employees was illegally accessed and copied.

This could include HR information such as leave requests, said Kate Duggan, Tusla deputy chief executive and national director of service and integration.

“In relation to members of the public, this is relating to anything from referral letters, to reports, to email correspondence,” she told RTÉ radio.

“And when we talk about 20,000 individuals, it may not be, or won’t be a whole file relating to an individual, it may be one document, one letter, one report. But that’s not to say that (it doesn’t) contain very sensitive information.”

Tusla is to begin contacting people whose information was illegally accessed and copied during the cyberattack, a process expected to be completed by November.

Ms Duggan offered an apology to those affected, and said Tusla would continue to monitor the situation with the assistance of cyber-security experts.

“There is also no evidence that any of the Tusla information has been involved in scams or other fraudulent activity,” she said in a statement.

“We sincerely regret the impact this criminal cyberattack has had on people who have been involved with Tusla services, and on our teams across the country, and we will be apologising to each person we write to as part of our notification process.

“We have worked hard to create a process that is transparent, empathetic and supportive for those who have been affected, and we will offer each person we write to the choice to call our dedicated team for support and guidance, or, to meet face-to-face with a case worker, should they wish to do so.

“We acknowledge that it has taken some time for the commencement of this notification programme, however, it was crucial that each record that was affected by the cyberattack was carefully reviewed to identify the people affected. We also have to ensure that letters are being sent to verified addresses.

“Notifications will continue over the coming months, and we ask for understanding and patience as we continue to work through this complex process.”

Tusla said in a statement: “Given the nature of the work that Tusla does, in terms of personal social service provision across a range of areas, the types of personal information affected include names, addresses, contact phone numbers, correspondence with service users, various reports, and referrals made to Tusla.

“For staff, information what was affected includes documents such as HR forms submitted in relation to leave and files relating to staff travel expenses. Tusla has considered the individual needs of the people affected by the cyber attack and will take account of these when notifying them.

“All IT systems that support Tusla services were restored by June 30, 2021, and much of Tusla’s IT infrastructure has since completed a migration to Tusla-owned and secured systems, of which cyber-security is a cornerstone.

“Tusla has worked closely with An Garda Siochana, the National Cyber Security Centre, and various other specialist national and international agencies to strengthen our IT security and we continue to assess our systems for vulnerabilities.”

Tusla said a €13 million euro investment in cyber-security infrastructure was made at the start of 2022 across its device, email, and network security.