Email data exfiltration at Ireland Revenue Department

22 avril 2013

In a recent mishap, the Ireland Revenue department accidentally sent more than 100 internal emails to citizens outside of their organization. According to acting deputy commissioner Mike Hewetson, this was not due to human error or a cyberattack. However, the incident caused non-employees to receive organizational email messages, making it a significant risk.

"The software corruption resulted in a unique situation where the 'to' and 'from' address lines for a group of emails were scrambled," Hewetson said, according to 3 News. "Since Friday, we have worked with our key vendors, to not only identify the problem, but to remedy and test a solution to ensure this will not happen again."

Hewetson said they completed health checks at the office to make sure other systems were not affected by this software malfunction. Even one breach is too many, he said, adding that people should be assured that their department is trying hard to maintain the security and privacy of information. The department plans to contact people personally to apologize and address individual situations.

Even a single data breach can result in significant costs. With email security in place that integrates data loss prevention rules, any internal messages containing sensitive information can be stopped and never reach unintended recipients. Preemptive action can mean real savings, both monetarily and to an organization’s reputation.

Vous utilisez Postini? Pourquoi la sécurité offerte par un fournisseur d'applications dans le cloud peut s'avérer insuffisante