Publication
Cybersecurity Incident: Your Questions
Published on
Last updated on
Published on
Last updated on
This page is being actively updated to reflect latest information. This page was first published on 17 December, 2025, and was updated on 19 December, 22 December, 6 January, 19 January and 29 April.
Information reviewed and correct as of: 29 April 2026.
Q. What happened?
On Thursday 11 December 2025 the Office of the Ombudsman was the subject of a random cybersecurity attack on some of its IT systems.
As a precaution, some systems were initially taken offline to contain the threat while the incident was investigated. Systems not affected by the attack remained online, but access to the electronic case management system, which we rely on to carry out our work, was no longer available.
Q. Has my data been taken?
Based on extensive investigations, including forensic investigations, and all the information currently available to us, we are confident that no personal data was taken. Our priority is to continue to protect people’s personal data.
Q. What action has been taken to protect my data?
Once we became aware of the incident our priority was to protect the data of people who rely on the services of the Ombudsman and the Offices it supports, and to restore services safely.
The NCSC (National Cyber Security Centre) activated its incident response plan and put in place enhanced monitoring to support the Office of the Ombudsman.
The incident was also notified to the Data Protection Commissioner and An Garda Síochána.
We are now confident that no personal data was taken. However, at an early stage, an injunction was secured from the High Court prohibiting any publication of data.
For general guidance relating to data protection, please see the Data Protection Commission website . For general advice relating to the cyber security, please see the National Cyber Security Centre website . For queries relating to Ombudsman data protection, see our Privacy notice .
Q. What services are impacted?
The loss of access to our case management system has had a direct impact on our ability to examine and investigate complaints in line with our expected timelines.
We have since worked hard to develop a new case management system, which will support our staff in restoring services to full capacity as soon as possible. While this system is now in place, we are still experiencing delays due to the number of complaints that have been received during this recovery period.
While we anticipate that we will still be able to acknowledge and deal with some complaints quickly, more complicated complaints will see a current delay of at least 12 weeks, from date of receipt, before being allocated to a caseworker for investigation.
Q. Do the attackers currently have access to the IT system?
No. When the incident was discovered our IT system was secured to ensure the attackers no longer had access.
Q. Can I submit a new complaint to the Ombudsman?
Yes. Our online Make a Complaint form is available. This is the easiest way to make a complaint to us. Please note: We no longer accept complaints by email. While we continue to accept new complaints, working through the complaints received while our services were disrupted will take some time. Your complaint will be acknowledged on receipt but please be aware that there continue to be delays in progressing complaints. Once work has commenced on your complaint, a caseworker will contact you directly.
Q. I have already submitted a complaint to the Ombudsman. Do I need to do anything?
If you have already made a complaint to the Ombudsman, as noted above, there will be delays in relation to the processing of your complaint. Please bear with us and a caseworker will be in touch with you directly.