Publication
Cybersecurity Incident: Your Questions
Published on
Last updated on
Published on
Last updated on
Q. What has happened?
On Thursday 11 December 2025 the Office of the Ombudsman was the subject of a random cybersecurity attack on its IT systems.
It is understood that this was a random attack and a forensic investigation is ongoing. As a precaution, some systems were initially taken offline to contain the threat while the incident was investigated.
However, all public-facing services have now been restored.
Q. Has my data been accessed?
We have been working closely with forensics experts to fully investigate this incident. Arising from this work the Ombudsman is confident at this time that no personal data was taken.
Q. What action has been taken to protect my data?
Once we became aware of the incident our priority was to protect the data of people who rely on the services of the Ombudsman and the Offices it supports, and to restore services safely.
The NCSC (National Cyber Security Centre) activated its incident response plan and put in place enhanced monitoring to support the Office of the Ombudsman.
The incident was also notified to the Data Protection Commissioner and An Garda Síochána.
To further protect the data of individuals, the Office of the Ombudsman has taken legal steps, including securing an injunction from the High Court to restrict any publication of potentially stolen information. That said, the Ombudsman is confident at this time that no personal data was taken.
For general guidance relating data protection, please see the Data Protection Commission website . For general advice relating to the cyber security, please see the National Cyber Security Centre website .
Q. What services are impacted?
All public-facing services have now been restored.
However while we work to restore some of our internal support systems our case processing times will be affected. Our staff remain available to provide advice and address customer queries.
Q. Do the attackers currently have access to the IT system?
No. When the incident was discovered our IT system was secured to ensure the attackers no longer had access.
Q. Can I submit a new complaint to the Ombudsman?
Yes. Our online Make A Complaint form is available. This is the easiest way to make a complaint to us. Please note: We no longer accept complaints by email. While we can accept new complaints, restoring our operational services may take some time. Your complaint will be acknowledged. However please , be aware that it may be some time before we will be able to progress on your complaint. Unfortunately, this includes any complaints that you may consider to be urgent.
Once work has commenced on your complaint, your caseworker will contact you directly.
Q. I have already submitted a complaint to the Ombudsman. Do I need to do anything?
If you have already made a complaint to the Ombudsman, as noted above, there will be delays in relation to the processing of your case. Please bear with us and a caseworker will be in touch with you directly.
In addition, if you had been in contact with this Office for any other reason, again, please bear with us and we will get in touch with you as soon as we possibly can.