Tusla is to begin contacting 20,000 people whose personal information was stolen during the 2021 cyber attack on the Health Service Executive.
The child and family agency said the personal information of some people who have been involved with Tusla services and a small number of its employees was illegally accessed and copied.
The information includes referrals made to Tusla, reports and correspondence with service users.
Names, addresses, phone numbers and information on staff leave and travel expenses were also accessed.
It said there is currently no evidence that any of the stolen information has been published online on the 'dark web' or elsewhere, but that it is continuing to monitor the situation with the assistance of cyber-security experts.
Tusla said it is currently trying to verify the addresses of the 20,000 people affected and that it will begin contacting them by registered post.
It said the process is expected to take until November to complete and it has created a dedicated response team to provide support and guidance to the people who receive a notification letter.
We need your consent to load this rte-player contentWe use rte-player to manage extra content that can set cookies on your device and collect data about your activity. Please review their details and accept them to load the content.Manage Preferences
Tusla said it is treating the process with the utmost sensitivity and consideration and that people who receive a letter will have the choice of meeting face to face with a case worker or going directly to a portal to access their personal information that was affected.
Tusla Director of Services and Integration Kate Duggan said: "We sincerely regret the impact this criminal cyber attack has had on people who have been involved with Tusla services, and on our teams across the country, and we will be apologising to each person we write to as part of our notification process.
"We have worked hard to create a process that is transparent, empathetic and supportive for those who have been affected.
"We acknowledge that it has taken some time for the commencement of this notification programme, however it was crucial that each record that was affected by the cyber-attack was carefully reviewed to identify the people affected. We also have to ensure that letters are being sent to verified addresses.
"Notifications will continue over the coming months, and we ask for understanding and patience as we continue to work through this complex process."
Tusla said after the attack a High Court order was secured restraining any sharing, processing, selling, or publishing of data stolen as part of the cyberattack and the Data Protection Commissioner
It said the agency and the HSE were assisted by the Garda National Cyber Crime Bureau, the International Criminal Police Organisation (Interpol) and the National Cyber Security Centre to respond to the attack and at the end of December 2021, An Garda Síochána provided Tusla with a copy of the files that were illegally accessed and copied.
Tusla said it carefully reviewed the information, to identify individuals affected, in accordance with GDPR guidance, and guidance from the Data Protection Commission.
It said much of its IT infrastructure has migrated to Tusla-owned and secured systems since the attack and last year it commenced a €13m investment in cyber-security infrastructure.
The association representing social workers says the compromising of Tusla information in the HSE cyber attack is of great concern.
Vivian Geiran, Chair of the Irish Association of Social Workers, said while it was a relief that the main case management system was not accessed, confidentiality is the key to the social work profession, so the compromising of that information is of significant concern.
He commended the agency for providing both information and supports to people affected and said that while for some people they will be able to deal with the information well, others may be more personally affected by the revelation that their data has been compromised.
