Although the reported breach occurred last Thursday and the relevant authorities were notified on Friday, it has come to light that the breach first occurred in May.
Personal details such as car registration numbers, email addresses and mobile phone numbers have been compromised, but no personal bank account or credit or debit card details were accessed.
The council hasn’t disclosed the exact nature of this attack in order to limit its vulnerability to future attacks.
Is your organisation #BreachReady?
This is the second reported data breach in a month that directly impacts Irish organisations, with Eir announcing in August that personal details of up to 37,000 customers were affected by a breach. It may be time to ask whether your organisation is prepared for a breach, and whether you could report a breach to the DPC (Data Protection Commissioner) within the required 72 hours.
The EU GDPR’s (General Data Protection Regulation) mandatory notification requirements are likely to pose significant challenges to many organisations and require careful planning to ensure compliance.
IT Governance Europe has a range of tools and services available to help with everything from breach prevention, to training staff, to preparing your organisation for incidents.
To help Irish organisations get #BreachReady, we are offering up to 20% off selected data protection and incident response solutions.