The GAA has confirmed that personal details of over 500,000 members contained on a database have been compromised.
Among the details on the database are references to the medical condition of some members.
In a statement issued this afternoon the GAA said it was informed of the data breach on November 19th that disks containing the database had been received by the Office of the Data Protection Commissioner and the GPA. The Information Commissioners Office in Belfast also received a disk.
The Office of the Data Protection Commissioner is investigating the breach and is liaising closely with the Police Service of Northern Ireland (PSNI) and the Information Commissioner's Office in Belfast.
The GAA has informed all clubs of the incident and has put in place a dedicated information line available at 1890 987807(from the Republic) and 0800 011 4787 (from Northern Ireland) for any GAA members with concerns or who wish to establish whether their data is affected.
The database contains the names and addresses of 501,786 members.
In the case of 544 members, the database contains reference to a medical condition. The GAA said it was writing directly to these members setting out what information was recorded about them.
The database also includes the birthdates of 288,511 members along with the mobile numbers of 107,212 members. In addition, the landline numbers of 63,695 members is on the database as is the email addresses of 30,171 members.
Approximately 167,157 of the members on the database are under 18 years of age. The GAA stresses that no mobile phone or email details of these members should have been included in the data.
The GAA also said no financial details are on the database and the breach does not affect any of its other IT systems.
The Office of the Data Protection Commissioner said there is no evident as yet that the data will be used for illegal purposes such as identity theft.
However, it advised GAA members to be cautious in relation to any unsolicited contacts they receive through the post, over the phone or particularly via e-mail that refer to their GAA membership and that seeks to elicit further personal information.
Servasport, a Belfast based company that develops and maintains the GAA membership database, has issued an unreserved apology to the organisation and its members.
