Statistics requested from each Government Department by the Peadar Tóibín TD has reveal that there have been in excess of 2,000 data breaches from government departments since 2019, with over 400 of the breaches taking place in 2021.
The Aontú leader said that “given the events of the past week, in terms of the HSE and Department of Health cyber attack, a lot of questions have been posed about the security of data in the State.
“It has always been apparent to me how exposed we are to data theft and cyber attacks – last year the National Cyber Security Centre was given a budget of only five million euro, and to put that in context the Department of An Taoiseach spent almost 17 million on online advertising/ public relations last year. The NCSC doesn’t have a director or a permanent premises and operates with a mere 25 staff. Given the reality of underfunding and under resourcing when it comes to cyber and data security it is hardly unexpected to see such a high level of data leaking from government departments year on year.
“The figures released to us don’t show the number of data breaches recorded in the HSE or the Department of Health – because due to the cyber attack the department was unable to process or answer my parliamentary question!” he said.
Deputy Tóibín continued: “The Department of Children has confirmed to me that separately TUSLA suffered a staggering 362 data breaches last year, almost one for every day of the year. If we look at the departmental breakdown of the breaches we see that the Departments of Social Protection, Foreign Affairs and Justice hold the records for the highest numbers of data breaches in recent years – I find this extremely concerning given that these departments hold such highly sensitive data”.
“While many of the breaches have been reported to the Data Protection Commission many more have gone unreported. I’ve today written to all departments asking them to explain this and seeking clarity on the nature of the data lost. An attack like the one we’ve seen in the past week was imminent for some time, and indeed I’ve been raising the issue of cyber security since 2013. There are serious questions to answer here, especially given the potentially fatal consequences of this attack in terms of delayed cancer treatments and so on. This is a despicable criminal attack on the lives of the most vulnerable in our country, and we must work to ensure that nothing remotely like it ever happens again”, concluded Tóibín.
The figures released to the Aontú leader were: