Inishowen Development Partnership (IDP) has been made aware of a potential security breach involving a limited amount of data held by them.
They moved to reassure the public that their internal systems are safe and secure and there has been no direct leak of data originating from the IDP network.
However, one of their software partners, Derry-based Evide, was victim to a cyber-attack which resulted in data being stolen from their main system.
“This unfortunate incident has been completely outside the control of IDP,” a spokesperson for the organisation said.
Evide has informed IDP that a third party has gained access to their systems and stolen data from their Impact Tracker software.
“While they cannot say for certain that all of the data has been stolen, they have advised their customers to assume their data is stolen,” added the IDP spokesperson.
“To be extra cautious we must, therefore, assume that data that IDP has stored within their Impact Tracker may also have been stolen. While IDP has recently started to use this system to record details of programme attendees and participants, it does not have any financial or medical data on this system. IDP stores a limited amount of data within the Impact Tracker, such as contact details.”
IDP, they added, takes data privacy and cybersecurity seriously.
“As there is a chance that our data may have been stolen, we would advise our clients to be extra vigilant at this time.”
Shauna McClenaghan, Joint CEO, added that IDP is ‘very frustrated’ about this incident given their long track record and high standards of data protection.
“While it affected only a small number of individuals, we take protection of information very seriously and regret that this may have happened. It was completely outside of our control,” she said.
Ms McClenaghan added that Evide has informed them that there is no evidence of the data being used within the Dark Web, an area of the internet often used by criminals for exchanging/selling stolen information as well as other criminal activities.
“IDP has reviewed its internal security systems and can confirm that there is no risk to data held within our network or systems,” she continued.
“We are continuing to monitor our systems during this time. Given the nature of the data stored within the Impact Tracker, there is a potential risk of Identity Theft for some people. We have contacted those involved directly to outline the issue and its potential impact as well as making available our staff should they have any further questions.”
Ms McClenaghan advised that all those potentially impacted by the incident take extra precautions at this time, such as being aware of suspicious emails and texts from unknown or untrusted senders and not to open any attachments or click on links from unknown senders.
IDP is working closely with the Data Protection Commission and industry experts in resolving the matter and further helpful advice on protecting yourself from fraud can be found on an Garda Síochána’s website: https://www.garda.ie/en/crime/fraud/
If you are concerned, you can contact DIP directly on 074 93 62218 or email enquiries@inishowen.ie
Tags: