We need your help now

Support from readers like you keeps The Journal open.

You are visiting us because we have something you value. Independent, unbiased news that tells the truth. Advertising revenue goes some way to support our mission, but this year it has not been enough.

If you've seen value in our reporting, please contribute what you can, so we can continue to produce accurate and meaningful journalism. For everyone who needs it.


Tusla staff report having more time for face to face work in aftermath of HSE cyberattack

Internal records detail how some employees reported being less burdened with emails.

SOME TUSLA STAFF reported being less burdened with emails and having more time to do face to face work in the aftermath of the cyberattack that crippled health service computer systems.

Internal records detail how employees in two regions reported at least one upside from having fewer emails to contend with on a daily basis.

Feedback from staff in the Dublin Mid-Leinster region said: “Staff are enjoying doing a lot more face to face work and less emails.”

A similar sentiment was expressed by those working in the Dublin North-East Region: “Staff are feeding back that they are enjoying less emails and hopefully lessons will be learnt from this.”

The documents detail two separate phases of Tusla’s recovery from the cyberattack: a four-week ‘Operation Green’ to get their main systems online and a second six-month ‘Operation TuslaIrl’ to restore everything fully.

An internal note from June detailed how the cyberattack damaged Tusla’s National Childcare Information System (NCCIS) but that backups of the data “look fine”.

“It will be a long process back from this point,” said the note: “HSE must do a complex piece of work around this and they have committed resources and prioritised this work for Tusla.”

The note also said that “ransom notes” remained on some of their systems and that they would be removed as IT teams became aware of them.

Feedback from various teams around the country revealed a range of problems in different sections and regions.

In the West, there was “some fatigue” from manually inputting data but staff there had been “asked to hold firm” according to the note.

Staff in the south described new forms they were being asked to use as cumbersome and queried when they would have access to laptops.

In both Dublin Mid-Leinster and Dublin North-East, employees remarked on having fewer emails to deal with but said that “things are slower”.

The Children’s Service Regulation section said that inspections continued but that there was a “pinch point” with staff having to come to one of their offices in Limerick.

A note of their comments said: “Access to shared drives/portals would be hugely beneficial as there are several staff not able to work without systems.”

Private placements for vulnerable children were described as a “challenge” as the system for referrals had been compromised and was taking longer.

The internal note said: “[There’s a] vulnerability around HR [human resources] and recruitment with special care in particular.

“The CEO advised that the internet being turned off is affecting recruitment and is currently controlled by the HSE. Front line posts will be prioritised.”

Staff in the education support service had fully screened and cleaned laptops returned to them within six days, work that was described as “immensely appreciated”.

“If [the education support service] can offer any support to colleagues around the country, they are keen to help,” said the records.

A separate update for the Tusla board said that there had been “significant progress” on restoring systems but that the four-week timeline for ‘Operation Green’ would not be met.

Dated 25 June, the update said email had been restored in seven of their nine areas, with access to email history still unavailable, however.

The National Childcare Information System (NCCIS) and Tusla’s external portal were described as remaining “significant system challenges”.

It also said that virtually all information from their main databases had been recovered as it backed up every 15 minutes.

The board update said: “This backup frequency has enabled the database restorations required to be recovered to a point in the late evening of 13 May. As such, all work entered on these systems at close of business before the overnight cyber encryption is now recovered.”

The brief said the National Childcare Information System (NCCIS) had been “significantly corrupted” and that major work remained to be done.

It also said the timeline for reopening of external portals for mandatory reporting, early year providers, online referrals, and a variety of other services was not yet clear.

“The HSE have disconnected these public facing services as a continued containment measure and at this time there is no agreed timeline set for their restoration,” said the CEO report for the board.

Readers like you are keeping these stories free for everyone...
A mix of advertising and supporting contributions helps keep paywalls away from valuable information like this article. Over 5,000 readers like you have already stepped up and support us with a monthly payment or a once-off donation.

Your Voice
Readers Comments
This is YOUR comments community. Stay civil, stay constructive, stay on topic. Please familiarise yourself with our comments policy here before taking part.
Leave a Comment
    Submit a report
    Please help us understand how this comment violates our community guidelines.
    Thank you for the feedback
    Your feedback has been sent to our team for review.

    Leave a commentcancel