A software error at an IT company based in Limerick that supports tow truck companies operating on behalf of An Garda Síochána, the Irish police force, has exposed thousands of Irish motorists to the risk of a data breach.
In August, Jeremiah Fowler, an international cybersecurity researcher, discovered the breach and alerted the Gardaí to the issue. Fowler identified confidential documents, including debit card details, driver’s licenses, registration numbers, incident summary reports, and the names and details of drivers within the exposed database. Hackers and scammers could exploit the high-resolution images of these documents for identity theft, fraud, or other malicious activities.
Some compromised data originated within An Garda Síochána, while others came from different state bodies, adding complexity to the investigation. Following the breach notification, Gardaí promptly contacted the IT firm responsible for the error and launched an internal probe.
The Data Protection Commissioner (DPC) is currently investigating the breach to determine the responsible party. Gardaí, however, have emphatically stated that they bear no responsibility for the breach.
The extent of this security vulnerability and how long it persisted remains uncertain, but it has exposed approximately 512,000 documents dating back to 2017. Among the affected individuals are motorists who had their vehicles towed on behalf of the Gardaí.
