Home Knowledge More Data Security Breaches: Revenue, GAA and Fine Gael in the Spotlight

More Data Security Breaches: Revenue, GAA and Fine Gael in the Spotlight

February 2, 2011
Partner
Leo Moore

Leo Moore, David Cullen

Recent media reports of a cyber attack on the Fine Gael website, along with the theft of data relating to over 500,000 GAA members and the theft of 10 laptops from the Revenue Commissioners, has firmly placed the issue of data protection back in the spotlight.

The hacking of the Fine Gael website, allegedly by the ‘Anonymous’ group, apparently resulted in the personal details of nearly 4,000 people being compromised. The Anonymous group has gained notoriety recently following a number of high profile cyber attacks against companies such as Amazon, Paypal, Mastercard and Visa in retaliation for those companies withdrawing their support from Wikileaks following the publication of confidential US Government communications.

The GAA members’ data, reported to have been stolen following a security breach at a Belfast company, included names and addresses, dates of birth, mobile phone numbers, email addresses and, in around 500 instances, medical information. The breach also affected over 150,000 members who are under the age of 18. It has also been reported that the Revenue Commissioners had 10 laptops stolen from their offices in Ashtown. The laptops in question are believed to have been encrypted, therefore greatly reducing the risk of the data on the machines actually being accessed. The Office of the Data Protection Commissioner is currently investigating the above data security breaches and has a number of powers available to deal with such breaches including potential civil and criminal sanctions.

More and more companies are having to face the challenges raised by a data security breach (see our previous article on a cyber attack against a UK law firm ) which highlights the importance of ensuring that adequate plans are in place to deal with them. In the case of cyber attacks, this should include appropriate staff training, encryption of sensitive data and firewalls designed to cope with an attack of this nature. It is also advisable to create a staff policy so that potential data security breaches are recognised and that the appropriate steps, as outlined in the recently published Data Security Breach Code of Practice (which is discussed here), are taken.

In addition companies should examine the nature and purpose of the data they are gathering. In the case of the Fine Gael website the data was gathered from individuals who wished to leave a comment on the website. Companies should review their policies relating to data gathering and storage so as to ensure that they have adequate protection in place depending on the nature of the data they gather and store.

Recommended Insights

See all
Article and Insights
1
Feb 2024
Responsible Business Annual Report 2023
William Fry is pleased to launch its Responsible Business Annual Report 2023.
Article and Insights
2
Feb 2024
Digital Operational Resilience Act – second batch of technical standards launched for consultation
We focus on the second batch of draft implementation measures announced by the Eur...
WF_author_blank
Partner
John O’Connor
Article and Insights
2
Feb 2024
John Delaney Documents – Supreme Court Refuses Leave to Appeal
The Supreme Court has refused leave to appeal from a decision rejecting John Delan...
WF_author_blank
Consultant
Deirdre O’Donovan
Article and Insights
24
Jan 2024
Cross-Examining Affidavit Evidence in Insolvency Cases
The High Court recently dismissed a petition seeking the winding up of a biofuel c...
WF_author_blank
Partner
Fergus Doorly
prev
next
See all