Around 16,000 individuals were alerted to a potential data breach resulting from an “administrative error” by publicjobs.ie, a recruitment service provider for civil and public service jobs. Due to this mistake, 15,471 candidates received messages that may have contained another person’s name and job alert details. Although the Public Appointments Service (PAS) swiftly recalled the message, 529 candidates had already opened it. PAS, an independent service offering recruitment, assessment, and selection services to public sector clients, including government departments and local authorities, promptly notified the Data Protection Commission about the incident.
The error occurred when collating the mailing list for a message intended to update candidates subscribed to certain roles in the civil service about qualification requirements for a specific competition. Unfortunately, each candidate received a message addressed to and containing the job alert details of a third party. PAS clarified that, aside from the list of job alerts and the affected person’s name, no additional personal information was compromised in the data breach. PAS took immediate action to recall the message from every account holder’s inbox, but candidates who had already accessed the message were unable to have their opened messages deleted from PAS’s system.
The PAS emphasized that the breach did not involve any additional personal information beyond the job alerts list and names. All individuals potentially impacted by the breach were promptly contacted. The Data Protection Commission has been informed about the incident. The recruitment service provider, publicjobs.ie, plays a crucial role in facilitating civil and public service job placements, and the breach underscores the challenges organizations face in maintaining data security and privacy, especially when dealing with sensitive candidate information.
