A ransomware attack against Ireland’s Office of the Ombudsman caused major disruption, with reporting indicating that investigators were locked out of key systems and that casework delays could extend for months. The Times reported that the electronic case management system was among the affected services and that the incident is being examined by the Garda National Cyber Crime Bureau and the Data Protection Commission.
The operational lesson is familiar but still under-learned: resilience is not merely perimeter security. Public sector organisations, often running constrained budgets and complex legacy infrastructure, remain attractive targets for ransomware operators seeking leverage through disruption. Even where an organisation believes no data was exfiltrated, ransomware events create immediate availability impacts and regulatory scrutiny — especially where sensitive casework and vulnerable individuals are involved.
From a governance perspective, incidents like this raise questions about backup strategy, recovery capability, segmentation, and the ability to restore critical systems quickly. They also underline the importance of crisis communications and legal coordination — including managing the risk of leaked documents and responding to any data protection reporting obligations.
Acompli perspective: This is exactly where structured incident readiness pays off. Organisations that can quickly evidence system ownership, data categories, access controls, backup and recovery testing, and breach decision-making reduce operational chaos during an incident. Incident response is not just a security function; it is a cross-functional governance exercise that benefits from having your systems, suppliers, and risks mapped in one place.