It has not yet clear how many passengers were affected by the data breach relating to boarding passes issued for flights during August, but RTÉ News understands it may be in the hundreds of thousands.
In August 3.8 million passenger journeys were made on flights through Dublin Airport.
It has not been revealed yet what type of information may have been exposed.
Airport operator daa, which operates Dublin and Cork airports, said yesterday that an investigation has been launched into a data breach involving a third-party supplier, Collins Aerospace.
One of the files on the compromised server contained passenger boarding pass data relating to departures from Dublin Airport from 1 August to 31 August 2025.
Last Friday, daa received information that the file may have been exposed online by a cyber-criminal group.
It made an initial report to the Data Protection Commission (DPC) about the breach on Friday 19 September after being notified by Collins Aerospace of a compromise of its IT systems.
"daa is aware of a data security incident involving a third-party supplier, Collins Aerospace," a daa spokesperson said.
"The matter is under active investigation, and we are working closely with our regulators (IAA, DPC & NCSC) and affected airline partners."
"At this time, there is no evidence of any direct impact on daa systems."
"Passengers who travelled in August do not need to take any immediate action but should remain alert to any unusual activity related to their bookings," the spokesperson added.
The DPC said it is working with daa on the issue.
"I can confirm that we have received a breach notification in relation to this matter and are engaging with daa on it," said Deputy Commissioner Graham Doyle.
News of the data breach was first reported by The Irish Times.
