Crime & Law

Ombudsman’s office targeted with suspected ransomware attack

Office believes sensitive data may have been taken from its systems

A similar attack targeting the HSE in 2021 impacted almost 10,000 people and cost over €100 million to repair. Photograph: Getty Images
A similar attack targeting the HSE in 2021 impacted almost 10,000 people and cost over €100 million to repair. Photograph: Getty Images
Conor Gallagher
Wed Dec 17 2025 - 16:16

The Office of the Ombudsman has been hit with a suspected ransomware attack and believes sensitive data may have been taken from its systems.

In response, the office has taken its systems offline while the matter is investigated. The Garda, the National Cyber Security Centre (NCSC) and the Data Protection Commissioner has been notified.

The Ombudsman’s office has also obtained an injunction in the High Court forbidding anyone in possession of stolen data from publishing it.

Ransomware attacks typically disable targets’ computers and steal sensitive information. Cybercriminals then threaten to publish or sell the information if a ransom is not paid.

RM Block

Dublin man found guilty of manslaughter for killing ‘intruder’ at his home

Putin predicts European ‘swine’ backing Ukraine will lose power

Enoch Burke will not be prosecuted for criminal contempt, Attorney General tells High Court

Patients in Dublin mental health hospital left in soiled clothes, slapped and threatened

A similar attack targeting the HSE in 2021 impacted almost 10,000 people and cost over €100 million to repair.

The Office of the Ombudsman investigates complaints from the public against public service providers.

It also provides IT services to several other bodies including the Information Commissioner, the Commissioner for Environmental Information, the Protected Disclosures Commissioner, the Standards in Public Office Commission and the Commission for Public Service Appointments.

These services have also been disrupted by the incident, the Office of the Ombudsman said in a statement.

It said it is working closely with the NCSC and external cyber defence specialists “to assess the nature and extent of the incident and to support containment and recovery”.

Ger Deering said the priority now was to establish the nature of the attack. Photograph: Michael Chester
Ger Deering said the priority now was to establish the nature of the attack. Photograph: Michael Chester

“It is understood that this is a financially-motivated ransomware attack and a forensic investigation is ongoing. Due to the nature of these types of attacks the Office of the Ombudsman is operating on the basis that data may have been taken.”

The National Cyber Security Centre has activated an “incident response plan” and put in place “enhanced monitoring in support of the Office of the Ombudsman.

“I want to apologise for the inconvenience or any concerns caused to the people who use our services. We appreciate your patience and assure you we are doing everything possible to resolve the matter and restore our services”, Ombudsman Ger Deering said.

He said the priority now was to establish the nature of the attack, restore services and protect the people who use the office.

  • Join The Irish Times on WhatsApp and stay up to date

  • Sign up for push alerts to get the best breaking news, analysis and comment delivered directly to your phone

  • Listen to In The News podcast daily for a deep dive on the stories that matter

Conor Gallagher

Conor Gallagher

Conor Gallagher is Crime and Security Correspondent of The Irish Times