Personal data of 380,000 welfare recipients stolen

August 11, 2008

By Carl O'Brien

THE DEPARTMENT of Social and Family Affairs is contacting 380,000 social welfare recipients after it emerged their personal details were stored on a laptop computer which was stolen more than a year ago.

About 100,000 of the records contained bank account details of welfare recipients.

Information relating to these welfare recipients was stored on a computer used by the Comptroller and Auditor General at a Department of Social and Family Affairs office on Dublin's Pearse Street in April 2007.

Minister for Social and Family Affairs Mary Hanafin said yesterday she was "very concerned" that her department was not made aware by the comptroller of the extent of the loss at the time the theft was reported to gardaí last year.

The department was only informed of the extent of the data on the laptop just over a week ago

In a stern rebuke to the comptroller's office, Ms Hanafin said: "I view the loss of information and time very seriously."

The Minister said officials at her department would be contacting welfare recipients whose bank details were on the laptop over the next two weeks. Letters will be issued to all other recipients affected, offering them advice and reassurance about the safety of their information.

"We will be asking them to check their own records, particularly their bank records, to ensure that there has been no suspicious activity. If they notice anything suspicious they should contact their financial institution and the department," Ms Hanafin said.

The information on the laptop was password-protected, but the data was not encrypted.

The department said it had been in contact with Bank of Ireland and it had seen nothing to indicate any connection between fraud activity and missing welfare records.

Data Protection Commissioner Billy Hawkes said the theft of the laptop was a "very serious incident" and he expressed concern at the potential implications for those affected. Mr Hawkes said he had spoken to the Comptroller and Auditor General John Buckley and further meetings with officials at the office would take place this week on data-sharing procedures.

He expected all major holders of personal data in the public and private sector to "fully examine all their policies in relation to the collection and storage of data to ensure that incidents of this scale and nature can be avoided in future".

Mr Hawkes praised the department for its decision to contact all of those directly affected.

In a statement yesterday, Mr Buckley's office said it regretted the loss and the risk that the information could be improperly disclosed or misused. It said it has taken a number of steps to reduce the risk of any recurrence, such as introducing an encrypted working papers system last year and limiting the amount of client data held on laptop computers.

Sixteen laptop computers belonging to the Comptroller and Auditor General's office have been stolen since 1999.Most people affected by the data breach which was disclosed yesterday were recipients of various social welfare schemes during 2005.

The department has set up a dedicated helpline (see panel) for members of the public if they are affected or if they have any concerns. Advertisements will appear in national and regional newspapers outlining the effects.

main page ATTRITION feedback