As an independent agency, Tusla has responsibility for its own ICT function and has engaged with the HSE, the National Cyber Security Centre (NCSC) and the Gardaí in relation to this incident. My officials and I have been in daily contact with Tusla and our partners in government since being alerted to the attack on the 14th May, to ensure the risks can be mitigated as much as possible and frontline services can be maintained. I will continue to receive updates on this matter as this work progresses.
The Deputy will be aware of Tusla's Data Management Strategy 2019 – 2022. The Strategy includes a a focus on Data Security Management with a view to minimising the risk of inappropriate access to Tusla data. The timescale and processes contained within the strategy will be reviewed in light of the impact on Tusla of the cyber attack on the HSE.
I'd also like to confirm that the High Court injunction obtained by the HSE requiring anyone in possession of stolen data not to disclose or trade in it also applies to data relating to Tusla, the Child and Family.