SENSITIVE DETAILS OF over 300 subscribers to the directory of the horse trade magazine The Irish Field were hacked and released online on Saturday. The information has not yet been secured.
A link to the information which included names, postal addresses, phone numbers, email addresses, usernames and passwords of the 327 subscribers to The Irish Field’s trade directory was posted on Boards.ie over the weekend and the information was online for 54 minutes. When boards.ie staff were alerted to the material, they immediately removed the link.
Gardaí and the Data Protection Commissioner (DPC) are investigating the incident and users affected have been notified.
However, the DPC has told TheJournal.ie that the information is likely to have been posted elsewhere.
A spokesperson added that there was “ongoing concern” and a “focus on trying to secure the information”.
It is hoped that the information has been completely removed from the public domain but the DPC was unable to confirm that this was the case.
As well as this, a link to details of users of the ThinkIrish.ie website were also posted including the names, passwords, and email address of 60 users of the website.
Attempts by TheJournal.ie to contact representatives from ThinkIrish.ie have been unsuccessful but they are aware of the incident and are preparing a report for the DPC. The website has been taken offline by its hosting company.
The Irish Field is a weekly newspaper dedicated to racing and equestrian sports. It is part of The Agricultural Trust which also owns the Irish Farmer’s Journal. It was previously owned by the Irish Times.
In a statement, The Irish Field’s managing editor Leo Powell said:
On Saturday, we were informed by the moderators of Boards.ie that a list of named registered users from our site had been posted on one of their discussion forums.
They had promptly removed the offending post, blocked the user and passed the details onto the Data Commissioner and the Gardai.
We took immediate steps to prevent any further breach of security. Initial investigations confirmed that there had been no physical breach of our servers.
While the details of only a sub-section of our users has been affected, we have followed the advice of the Gardai and notified all registered directory users of theirishfield.ie within hours of being made aware of the incident.
The sensitive information was posted to boards.ie by a first-time user at 10.34am last Saturday, 9 April and was removed at 11.28am.
Communications manager for Boards.ie Darragh Doyle told TheJournal.ie:
Once the post was noticed by our moderators it was removed and acted upon.The organisations in question were contacted as were the Gardaí and the Data Protection Commissioner.
The Irish Field’s 2011 directory is currently offline as it investigates the circumstances surrounding the breach.
The directory claims to be “the most comprehensive listing anywhere of Irish stud farms, stallions, trainers, jockeys, riding clubs, hunts, organisations and more” and is freely available to anyone who registers their details.
TheJournal.ie and boards.ie are both part of the Distilled Media Group