IDP has been made aware of a potential Data Breach incident involving a limited amount of data that we hold as part of our organisation. We would however like to reassure the public that the systems within IDP are safe and secure and there has been no direct leak of data originating from the IDP network. However, one of our software partners (Evide) has had a cyber-attack which has resulted in data being stolen from their main system. This unfortunate incident has been completely outside the control of IDP.
Evide is a software company based within Derry, NI. They have informed us that a third party has gained access to their systems and stolen data from their Impact Tracker software. They have been working with a team of cyber experts to investigate the issue. While they cannot say for certain that all of the data has been stolen, they have advised their customers to assume their data is stolen. Identity Theft is when someone uses someone else’s personal information to obtain goods, services or money without their permission. To be extra cautious we must, therefore, assume that data that IDP has stored within their Impact Tracker may also have been stolen.
While IDP has recently started to use this system to record details of programme attendees and participants, it does not have any financial or medical data on this system. IDP stores a limited amount of data within the Impact Tracker such as contact details.
IDP takes data privacy and cybersecurity seriously. As there is a chance that our data may have been stolen, we would advise our clients to be extra vigilant at this time.
Shauna McClenaghan Joint CEO explained ‘IDP is very frustrated about this incident given our long track record and high standards of data protection. While it affected only a small number of individuals, we take protection of information very seriously and regret that this may have happened. It was completely outside of our control’.
Evide has informed IDP that there is no evidence of the data been used within the Dark Web. The Dark Web is an area of the internet often used by criminals for exchanging/selling stolen information as well as other criminal activities.
IDP has reviewed its internal security systems and can confirm that there is no risk to data held within our network or systems. We are continuing to monitor our systems during this time.
Given the nature of the data stored within the Impact Tracker, there is a potential risk of Identity Theft for some people. Shauna further explains ‘We have contacted those involved directly to outline the issue and its potential impact as well as making available our staff should they have any further questions. We are advising that all those potentially impacted by the incident take extra precautions at this time such as being aware of suspicious emails and texts from unknown or untrusted senders and not to open any attachments or click on links from unknown senders.’
IDP is working closely with the Data Protection Commission and industry experts in resolving the matter and further helpful advice on protecting yourself from fraud can be found on an Garda Síochána’s website (https://www.garda.ie/en/crime/fraud/).
IDP has designated staff members available to help answer any questions you may have at this time. If you are concerned, you can contact our office directly at Tel: 074 93 62218 or Email: [email protected]