Fri, 18 Aug, 2023 - 14:30

Revenue data breaches include tax files being sent to ex-spouses

There were also dozens of cases of information being sent to the wrong address by the tax authority
Revenue data breaches include tax files being sent to ex-spouses

Ken Foxe

The Revenue Commissioners has suffered more than 370 data breaches over the past 18 months.

Among the breaches were tax files being sent to ex-spouses, a former employee who had not returned encrypted devices and files, and dozens of cases of information being sent to the wrong address.

The Revenue said that there had been 256 data breaches throughout last year with a further 119 in the period from January to June 2023.

A database, released under the Freedom of Information Act, shows the most common types of incident were staff data getting sent to the wrong recipient within Revenue, or taxpayer data getting disclosed to third parties.

There were many breaches due to mix-ups between family members, or where partners had split up.

In one case, two brothers each received the other’s tax information after an incorrect tax reference number had been provided to one of their employers.

There were two cases where Revenue correspondence was sent to the address of an ex-spouse, both where the person involved had not yet provided a change of address.

In another case, Revenue staff data was viewable by other colleagues due to what was described as an “error by [a] third party”.

One case saw taxpayer data disclosed to a former member of staff by accident while a large number of breaches were reported where data was sent to the wrong firm of accountants or tax agents.

One entry in the database detailed the disclosure of a taxpayer’s data to a government department in error while another case saw a taxpayer’s details made available to an ex-spouse due to a Revenue mistake.

There was also a case where two taxpayers each had access to one another’s information due to a mix-up by an employer, according to the records.

Encrypted devices

Among the most serious breaches logged by Revenue was a case involving the “failure by [an] ex-staff member to return encrypted devices and files”.

A spokeswoman said that the Revenue Commissioners held and processed a huge amount of data as part of its core work.

She said: “A relatively small number of data breaches, mainly caused by human error, occur from time to time.

“The risk of human error cannot by its nature be totally eliminated, but Revenue strives to minimise and manage such risk.”

She added that where a data breach was likely to result in a risk to the rights and freedoms of the individual involved, the Data Protection Commission was notified.

More in this section

Man sentenced for 'ferocious assault' outside Conor McGregor's pub Man sentenced for 'ferocious assault' outside Conor McGregor's pub
Taoiseach condemns ‘reckless strike’ on peacekeeping base in Lebanon Taoiseach condemns ‘reckless strike’ on peacekeeping base in Lebanon
Alleged squatter granted anonymity and disputes 'no right' to be in property Alleged squatter granted anonymity and disputes 'no right' to be in property
taxRevenueRevenue Commissionersdata breachFreedom of InformationData Protection Commission
Ireland coat of arms

Motor inspection firm seeks to restrain salvage business from preventing access to vehicles

READ NOW

Sponsored Content

The power of the G licence The power of the G licence
Happy couple receiving new house keys from real estate agent Time to get to grips with changes in rental laws
Boatbuilder turned engineer proves alternative paths can lead to success Boatbuilder turned engineer proves alternative paths can lead to success

Latest

EL car logoThe Echo logo
The Echo paper

DELIVERED TO YOUR HOME FOR FREE

FREE HOME DELIVERY SERVICE

The Echo paper
SIGN UP TODAY
Contact Us Cookie Policy Privacy Policy Terms and Conditions

© Examiner Echo Group Limited

Add Echolive.ie to your home screen - easy access to Cork news, views, sport and more