Ireland’s child and family agency, Tusla, says it is beginning a months-long process to notify 20,000 individuals that their personal information was exposed in the May 2021 ransomware attack against the Health Service Executive.

The HSE is Ireland’s publicly funded national healthcare system and social services agency. It formerly provided IT services to Tusla.

An investigation into the ransomware attack against HSE, led by An Garda Síochána – Ireland’s police force – found that “some personal information belonging to a number of people who have been involved with Tusla services and a small number of Tusla employees was illegally accessed and data was copied,” the agency says.