Thursday, 27 May 2021
Department of Children, Equality, Disability, Integration and Youth
77. To ask the Minister for Children, Equality, Disability, Integration and Youth the impact of the recent cyber-breach on Tusla services; if any data has been compromised; the budget for data security in the agency in each year since 2010; and if he will make a statement on the matter. [28752/21]
The recent cyber-attack on HSE IT systems has impacted on the operational functioning of Tusla, Child and Family Agency. Many of Tusla's key systems operate on HSE-supported systems, including the National Child Care Information System (NCCIS), the Child Protection Notification System (CPNS) and some legacy and corporate systems.
As a security measure, Tusla actioned an immediate containment shutdown across all systems on the 14th May. This was supported by agency-wide communication that devices were to remain shut down until cleared by the Tusla ICT Directorate.
A crisis management team chaired by CEO continues to meet for all key management decisions required with this incident. A technical incident room chaired by Director of ICT has been established. Tusla has communications and engagement with the HSE, the National Cyber Security Centre (NCSC), An Garda Siochana and relevant statutory regulatory bodies including the Data Protection Commissioner in view of the sensitive nature of records and files held by Tusla.
Tusla continues to prioritise Child Protection and Children in Care Services (including assessment) as normal. While the referrals portal is impacted, referrals must be made over the phone and anyone with a concern is being asked to contact their local duty social work office. Details are available on www.tusla.ie/about/ict-update/. Social workers are continuing to visit children and work with them and their families throughout this period
It is not possible to be definitive as to whether any of the data held has been compromised. A number of investigations and processes are underway in the HSE and Tusla to determine the impact on all systems. Initial indications from the advices received and Tusla's own assessment are that records from NCCIS have not been the subject of theft. However, this remains under active review in the overall investigation and ongoing assessment processes.
For operational and security reasons, the NCSC has advised not to disclose details of systems and processes which could in any way compromise cybersecurity efforts. This includes costs in relation to cyber security tools and services and operational security matters.