So the "headline" is not 19 people. That was just the Advanced Query Syntax for Exchange. It's actually nearly 20 years of emails for a large organisation. 1000s of people, many millions of emails.

So arguably one of the largest data breaches in the history of the State

it is interesting, the term "breach". It came up recently with the Facebook/CA stuff. Had these emails been stolen via a traditional hacking method, this would amount to the largest hack at *any* Irish company that I can recall.

It would be on the scale of DNC mail server hacks executed by Russia in 2016. It would actually be bigger. It's impossible to overemphasise just how serious this is. I'm not sure what's worse: the scale of it, or that the emails weren't "hacked" but simply walked out the door.

This is in the gargantuan levels of security breaches. And the allegation is that it was effectively paid for by a major shareholder: Denis O'Brien.

Of course it might be argued that the "data interrogation" was paid for but that still leaves millions of emails walking out the door.

Who authorised the email server backup being removed from the premises?
Was any of this declared as a related party transaction in the accounts?

What obligations was there on directors of the company to inform the board?
What obligations were there to inform staff
What obligations were there to inform other shareholders?
What obligations were there on management to protect company data?

In whose precise interests was it that INM property was removed from the premises?
In whose precise interests was it that staff emails - containing personal and work emails - were effectively made into a mini search engine?
What was the objective?

as best I can tell it's this:

The then Chairman of INM wanted to do an exercise on company emails for some reason to do with cost reduction or find a particular contract. This results in the company's entire email archive being handed over to third parties.

But the Exchange Query actually used, it seems to me, has nothing to do with a search for a particular contract. It's a list of people. People, and all their emails. People who are oddly connected to stories to do with INM's largest shareholder.

is it normal for the chairman of a listed company to behave this way?
Would it not have been easier ask a manager to query the database on premises and have a look?
Was it necessary for the entire email archive of INM to walk out the door, based on the reason given?

to be clear: if you've ever emailed anyone *at* INM, there's a good chance your email is in the database we're talking about. And if in that email you mentioned particular names, the query used would have found *your* email.

the ODCE allegation is:

A searchable archive of INM emails was created from a company backup
This was was then queried by a third party based on a list of names
Emails were related to those names
The third party was paid by a Denis O'Brien controlled company

Here's a related thread. The company that says it does cloud backup services for INM is also owned by Denis O'Brien and chaired by Leslie Buckley. It also had Irish Water as a client. Interesting at least.

External Tweet loading...
If nothing shows, it may have been deleted
by @gavinsblog view original on Twitter