Fri, 18 Aug, 2023 - 14:30

Revenue data breaches include tax files being sent to ex-spouses

There were also dozens of cases of information being sent to the wrong address by the tax authority
Revenue data breaches include tax files being sent to ex-spouses

Ken Foxe

The Revenue Commissioners has suffered more than 370 data breaches over the past 18 months.

Among the breaches were tax files being sent to ex-spouses, a former employee who had not returned encrypted devices and files, and dozens of cases of information being sent to the wrong address.

The Revenue said that there had been 256 data breaches throughout last year with a further 119 in the period from January to June 2023.

A database, released under the Freedom of Information Act, shows the most common types of incident were staff data getting sent to the wrong recipient within Revenue, or taxpayer data getting disclosed to third parties.

There were many breaches due to mix-ups between family members, or where partners had split up.

In one case, two brothers each received the other’s tax information after an incorrect tax reference number had been provided to one of their employers.

There were two cases where Revenue correspondence was sent to the address of an ex-spouse, both where the person involved had not yet provided a change of address.

In another case, Revenue staff data was viewable by other colleagues due to what was described as an “error by [a] third party”.

One case saw taxpayer data disclosed to a former member of staff by accident while a large number of breaches were reported where data was sent to the wrong firm of accountants or tax agents.

One entry in the database detailed the disclosure of a taxpayer’s data to a government department in error while another case saw a taxpayer’s details made available to an ex-spouse due to a Revenue mistake.

There was also a case where two taxpayers each had access to one another’s information due to a mix-up by an employer, according to the records.

Encrypted devices

Among the most serious breaches logged by Revenue was a case involving the “failure by [an] ex-staff member to return encrypted devices and files”.

A spokeswoman said that the Revenue Commissioners held and processed a huge amount of data as part of its core work.

She said: “A relatively small number of data breaches, mainly caused by human error, occur from time to time.

“The risk of human error cannot by its nature be totally eliminated, but Revenue strives to minimise and manage such risk.”

She added that where a data breach was likely to result in a risk to the rights and freedoms of the individual involved, the Data Protection Commission was notified.

More in this section

Ulster Funeral Jameson Coroner firm over preparations for inquest into murder of loyalist in Portadown
Nest of invasive Asian hornets ‘safely removed’ in first for Ireland Nest of invasive Asian hornets ‘safely removed’ in first for Ireland
'Botox war' between co-owners of beauty clinic settled 'Botox war' between co-owners of beauty clinic settled
taxRevenueRevenue Commissionersdata breachFreedom of InformationData Protection Commission
Garda College graduation ceremony

McEntee ‘disappointed’ Fórsa did not re-enter talks

READ NOW

Sponsored Content

Dell Technologies Forum to empower Irish organisations harness AI innovation this September Dell Technologies Forum to empower Irish organisations harness AI innovation this September
The New Levl Fitness Studio - Now open at Douglas Court The New Levl Fitness Studio - Now open at Douglas Court
World-class fertility care is available in Cork at the Sims IVF World-class fertility care is available in Cork at the Sims IVF

Latest

EL car logoThe Echo logo
The Echo paper

DELIVERED TO YOUR HOME FOR FREE

FREE HOME DELIVERY SERVICE

The Echo paper
SIGN UP TODAY
Contact Us Cookie Policy Privacy Policy Terms and Conditions

© Examiner Echo Group Limited

Add Echolive.ie to your home screen - easy access to Cork news, views, sport and more