An eir laptop containing personal data for a number of our customers was stolen from a public location. The laptop was password protected but not encrypted. While we believe that data is typically wiped by thieves in these situations in order to sell the laptop, it is possible that the data could be exposed.

We estimate that up to 37,000 eir customers could be affected. 

No the vast majority of customers are not impacted by this issue. If you do not receive correspondence from us regarding your account then you are not affected.

If you received an email or letter from eir then some or all of the following information could have been on the laptop: customer name; email address; eir account number; or contact number.

No.

No. Our data protection rules are very rigorous but if you are concerned about the security of your account, you can add an additional security question to your account.

Data retention policies depend on the type of data and how we use it. When we make a decision what data to keep we consider the information we need to best provide our customers with our products and services, to help us manage our relationship with our customers, and to make sure we meet our statutory obligations. We retain active customer data for as long as the customer remains with us. For those that leave us, we will eventually destroy that data in line with our retention policy.

Customers will receive an email, and in the case we do not have a valid email address for the customer they will receive a letter or a phone call where appropriate.

eir treats privacy and protection of all data extremely seriously and our policy is that all company laptops should be encrypted as well as password protected. In this case the laptop had been decrypted by a faulty security update the previous working day.

We are reviewing our IT and data protection systems and policies to ensure a situation like this cannot happen again.