IRC Statement- Smart Simple Data Incident


Posted: 17 September, 2021

The Irish Research Council is working with Smart Simple, the data processor which manages the application system on behalf of the Council, on a data breach incident after discovering a system configuration error late this week which granted unauthorised access to the system.

Upon detecting the error action was taken immediately to secure the system, which means that the data is now secure while we undertake necessary extensive investigations into the incident. Based on the information gathered to date, we know some personal details of applicants were able to be viewed by other applicants, including names and contact information. There is no indication that this data was misused in any way.

The incident has been reported to the Data Protection Commission. An incident response team is working to fully investigate the incident and enhance the safeguards to prevent any reoccurrence. We have rapidly but carefully resolved this issue on the system to enable us to continue to work and communicate with our stakeholders.

We will, of course, contact anyone affected in due course.

Any enquiries can be directed to dataprotection@hea.ie

Irish Research Council

Data Protection Notice

Please read our updated Data Protection Notice.

Our use of cookies

We use necessary cookies to make our site work. We'd also like to set optional analytics cookies to help us improve it. We won't set these optional cookies unless you enable them. Using this tool will set a cookie on your device to remember your preferences.

For more detailed information about the cookies we use, see our Privacy Policy page

Necessary cookies

Necessary cookies enable core functionality such as security, network management, and accessibility. You may disable these by changing your browser settings, but this may affect how the website functions.

Analytics cookies

We'd like to set Google Analytics cookies to help us to improve our website by collecting and reporting information on how you use it. The cookies collect information in a way that does not directly identify anyone.