In an email sent to affected individuals, the ISSU said it detected unusual activity in its internal IT systems on Friday, May 9, 2025. The union immediately stopped the activity and began an investigation, supported by ISSU administrators.
On Monday, May 12, the ISSU confirmed that the activity was unauthorised and that user data may have been accessed between April 30 and May 9. The data possibly included members' first names, last names, and email addresses.
However, the ISSU assured members that payment and banking details are stored in a separate system and were not affected by the incident.
“At this time, we have no evidence that any data was taken or misused,” the union stated. “We are informing you out of an abundance of caution.”
The ISSU said it is taking the matter seriously and has launched a full review of its systems and security practices. It has also reported the incident to An Garda SÃochána and the Data Protection Commissioner.
To prevent future incidents, the union is working with cybersecurity experts to improve its system protections, including monitoring for suspicious activity, reviewing administrative access, and training its team.
As a precaution, all current and former members are being advised to change their ISSU account passwords and take steps to secure any linked accounts or email addresses.
Members seeking further information are asked to contact the ISSU by email at DalyL1@issu.ie. The union noted that all communications regarding this matter must be in writing and that phone calls will not be accepted.
“We sincerely apologise for any inconvenience this may have caused,” the ISSU said in its message.
Source: Irish Independent
Tags:
Cybercrime in World
