Northern Ireland ICRIR reports limited data breach due to administrative error

The Northern Ireland Independent Commission for Reconciliation and Information Recovery (ICRIR), an organization responsible for investigating unresolved cases from the Northern Ireland Troubles, has apologized after experiencing what it described as a "limited data breach" on the afternoon of March 18.

According to the Commission, the names of 25 individuals who had contacted the ICRIR were mistakenly disclosed to a single recipient who had previously sought assistance from the Commission. The majority of these individuals were Requesting Individuals (RIs) who had reached out to the ICRIR regarding Troubles-related cases.

The breach occurred due to an administrative error involving an incorrect email address. The incident was discovered within several hours of its occurrence, and the Commission has confirmed that the recipient has since deleted the information. The ICRIR claims that no sensitive information beyond the names was disclosed in this breach.

In response to the incident, the ICRIR has initiated an internal investigation to determine how the breach occurred and to implement measures to prevent similar incidents in the future. The Commission has also issued a formal apology to those affected by the breach.