Cybersecurity Incident: Your Questions

Q. What has happened?

The Office of the Ombudsman is responding to a cybersecurity incident involving unauthorised access to its IT systems. It is understood that this is a financially motivated ransomware attack and a forensic investigation is ongoing. As a precaution, some systems have been taken offline to contain the threat while the incident is investigated.

Q. Has my data been accessed?

The Ombudsman’s ICT team is working with the National Cyber Security Centre (NCSC) and external cyber incident response specialists to assess the nature and extent of the incident and to support containment and recovery. There is no evidence at this time that any data has been taken.

For general guidance relating data protection, please see the Data Protection Commission website . For general advice relating to the cyber security, please see the National Cyber Security Centre website .

Q. What action has been taken to protect my data?

The priority of the Office is to restore services safely, and to protect the people who rely on the services of the Ombudsman and the Offices it supports.

The Ombudsman’s ICT team is working with the National Cyber Security Centre (NCSC) and external cyber incident response specialists to assess the nature and extent of the incident and to further support containment and recovery. The NCSC has activated its incident response plan and has put in place enhanced monitoring to support the Office of the Ombudsman.

The incident has also been notified to the Data Protection Commissioner and An Garda Síochána.

To further protect individuals, the Office of the Ombudsman has taken legal steps, including securing an injunction from the High Court to restrict any publication of potentially stolen information.

Q. What services are impacted?

Our operational systems are currently affected. This is impacting on our ability to progress existing complaints from members of the public at this time.

Q. Can I submit a new complaint to the Ombudsman?

Yes. Our online Make A Complaint form is available. This is the easiest way to make a complaint to us. Please note: We no longer accept complaints by email. While we can accept new complaints, restoring our operational services may take some time. Your complaint will be acknowledged. However please , be aware that it may be some time before any work on your complaint starts. Unfortunately, this includes any complaints that you may consider to be urgent.

Once work has commenced on your complaint, your caseworker will contact you directly.

Q. I have already submitted a complaint to the Ombudsman. Do I need to do anything?

If you have already made a complaint to the Ombudsman, as noted above, there will be delays in relation to the processing of your case. Please bear with us and a caseworker will be in touch with you directly.

In addition, if you had been in contact with this Office for any other reason, again, please bear with us and we will get in touch with you as soon as we possibly can.