merrion street

Dara Murphy, T.D., Minister for European Affairs and Data Protection has today (Thursday 31st July) expressed concern over the data breach at Paddy Power which occurred in October 2010. This has resulted in approximately 649,000 customers being contacted today by Paddy Power regarding personal information which may have been compromised. The Data Protection Commissioner was notified about the breach on 12 May 2014 when further information came to light about the allegation of the information held on the database being in possession of a person in Canada.

“I am very disappointed that it has taken until now for Paddy Power to inform its customers” said the Minister. The breach occurred in October 2010 and Paddy Power did not inform the Office of the Data Protection Commissioner at the time. While is not mandatory to report such breaches under the Code of Practise, which was implemented earlier in 2010, it is recommended best practise.

“Paddy Power put in place increased security measures after the breach in 2010 and I have been in touch with the Office of the Data Protection Commissioner, which met with Paddy Power representatives this week” the Minister continued. “My office and that of the Data Protection Commissioner will be working closely in relation to this matter. It is best practise to inform the Commissioner as soon as these breaches occur, and although these were not breaches of password or financial information, the data security breach Code of Practice should be followed at all times in order to safeguard personal information and assure customers that their data is secure."