Publication
Cybersecurity Incident: Your Questions
From Standards in Public Office Commission (SIPO)
Published on
Last updated on
From Standards in Public Office Commission (SIPO)
Published on
Last updated on
Note: This page is being actively updated to reflect latest information. This page was first published on 17 December, 2025, and was updated on 19 December, 22 December, 6 January and 19 January.
Q. What happened?
On Thursday 11 December 2025 we were the subject of a random cybersecurity attack on some of our IT systems.
As a precaution, some systems were initially taken offline to contain the threat while the incident was investigated. Systems not affected by the attack are now back online, and we are working hard to fully restore normal service.
Q. Has my data been taken?
Based on extensive investigations, including forensic investigations, and all the information currently available to us, we are confident that no personal data was taken. Our priority is to continue to protect people’s personal data.
Q. What action has been taken to protect my data?
Once we became aware of the incident our priority was to protect the data of people who rely on the services of the Commission, and to restore services safely.
The NCSC (National Cyber Security Centre) activated its incident response plan and put in place enhanced monitoring to support the Commission.
The incident was also notified to the Data Protection Commissioner and An Garda Síochána.
We are now confident that no personal data was taken. However, at an early stage, an injunction was secured from the High Court prohibiting any publication of data.
For general guidance relating to data protection, please see the Data Protection Commission website . For general advice relating to the cyber security, please see the National Cyber Security Centre website . For queries relating to Office of the Standards in Public Office Commission’s data protection, see our Privacy notice .
Q. Do the attackers currently have access to the IT system?
No. When the incident was discovered our IT system was secured to ensure the attackers no longer had access.
Q. What services are impacted?
By 15 December, all public-facing services had been restored. However, as a result of this attack some of the systems we relied on to carry out our work are no longer available. We have put in place processes to securely manage cases and we are working hard to fully restore normal service. However, we continue to experience some delays in progressing cases. Our staff remain available to provide advice and address customer queries.
Q. I have electoral returns that need to be submitted to SIPO – is there any change to the way that I should do that?
Please continue to submit returns by email to electoral@sipo.ie or by post to 6 Earlsfort Terrace, Dublin 2, D02 W773
Our access to our email systems is secure.
Q. I have ethics returns that need to be submitted to SIPO – is there any change to the way that I should do that?
Please continue to submit returns by email to submissions@sipo.ie or by post to 6 Earlsfort Terrace, Dublin 2, D02 W773
Our access to our email systems is secure.
Q. I have a complaint being processed by SIPO, will that be affected?
Complaints that have already been received will continue to be processed.
SIPO will continue to receive and process new complaints through the online Make a complaint form.
Our access to our online form is secure.
Q. Has there been any impact on the Register of Lobbying?
There is no interruption to any functions or operations related to the Register of Lobbying. Registrations and returns may be submitted as usual.
Any lobbying related queries may be addressed to info@lobbying.ie
Our access to our email systems is secure.
Any updates will be provided on the website.