Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

Irish Privacy Watchdog Steps in as Government Site Exposes Citizens’ Data

Irish Privacy Watchdog Steps in as Government Site Exposes Citizens’ Data
Irish Privacy Watchdog Steps in as Government Site Exposes Citizens’ Data
The Irish Data Protection Commissioner has been forced to step in after it was revealed that a government online portal exposed citizens’ personal information, potentially putting it in the hands of identity fraudsters.
 
The Department of Arts, Heritage and the Gaeltacht has now removed all civil registration records – which include dates-of-birth and mother’s maiden name – from the irishgenealogy.ie site, according to the Irish Times.
 
The info is not strictly classed as 'sensitive' but is frequently used by banks and other institutions to authenticate customers’ identities and as such could be tapped by cybercriminals to launch attacks.
 
Although the commissioner was consulted before the portal was launched, he was led to believe that only records over 100 years would be placed online, the report claimed.
 
The individual who notified the Irish Times about the error had performed “an important public service, before it became a treasure trove for people of evil intent”, commissioner Billy Hawkes told the paper.
 
The irishgenealogy.ie site inadvertently allowed users to build up detailed profiles of citizens free of charge and in just a few clicks – perfect fodder for cybercriminals.
 
Dublin-based information security consultant, Brian Honan, agreed that the info available on the portal could
have been used quite easily to commit fraud, phishing attacks or ID theft.
 
“It is a prime example of why organizations need to conduct a comprehensive Privacy Impact Assessment (PIA) before design, developing, and launching any systems that process personal information,” he told Infosecurity.
 
“It is also a great example as to why we need banks and other institutions to move away from using information which can be easily sourced from Facebook, Google, and other online databases, as a means of proving the identity of people remotely accessing services.”

Irishgenealogy.ie was launched in March 2013 by former heritage minister Jimmy Deenihan with a mission to make publically available important historical records such as the 1901 census.

What’s Hot on Infosecurity Magazine?