Jennings O'Donovan

A cyber attack targeted **Jennings O'Donovan**, an engineering firm responsible for assessing applications under Ireland’s **Defective Block Grant Scheme**. The breach compromised **personal data** of applicants, including **addresses, contact details, and photos of crumbling homes** affected by defective bricks. The incident was isolated to the firm, but the stolen data raises concerns over privacy and potential misuse, given the sensitivity of the information tied to vulnerable homeowners. The **Irish Housing Agency** is coordinating with the company to investigate the breach, notify affected individuals, and implement safeguards. The **Data Protection Commissioner** and local authorities were also alerted. While the attack did not disrupt the grant scheme itself, the exposure of personal records—particularly for families already facing housing crises—heightens risks of fraud, identity theft, or further exploitation. The firm and government agencies are under pressure to provide **transparency on the timeline, nature of the compromised data, and mitigation steps** to restore trust among impacted applicants.

Source: https://nz.news.yahoo.com/defective-block-grant-scheme-firm-111054401.html

TPRM report: https://www.rankiteo.com/company/jennings-o'donovan-&-partners

"id": "jen2732127102425",
"linkid": "jennings-o'donovan-&-partners",
"type": "Cyber Attack",
"date": "10/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': "applicants of Ireland's "
                                              'defective block grant scheme '
                                              '(thousands of homeowners in '
                                              'Clare, Donegal, Limerick, Mayo, '
                                              'and Sligo)',
                        'industry': 'construction/engineering',
                        'location': 'Republic of Ireland',
                        'name': "Jennings O'Donovan",
                        'type': 'engineering firm'},
                       {'industry': 'housing/public sector',
                        'location': 'Republic of Ireland',
                        'name': 'Irish Housing Agency',
                        'type': 'government agency'}],
 'customer_advisories': 'Affected applicants are being contacted directly by '
                        'the Housing Agency. Uncontacted applicants are '
                        'confirmed as unaffected.',
 'data_breach': {'data_exfiltration': "likely (data described as 'may have "
                                      "been stolen')",
                 'file_types_exposed': ['documents', 'images'],
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'high (includes highly sensitive '
                                        'homeowner data and images of '
                                        'defective properties)',
                 'type_of_data_compromised': ['personal identifiable '
                                              'information (PII)',
                                              'addresses',
                                              'contact details',
                                              'photographs of homes']},
 'description': "A cyber attack on Jennings O'Donovan, an engineering firm "
                "assessing applications for Ireland's defective block grant "
                'scheme, may have resulted in the theft of personal data, '
                'including addresses, contact details, and photos of affected '
                'homes. The Irish Housing Agency is investigating and '
                'notifying impacted applicants.',
 'impact': {'brand_reputation_impact': 'high (public concern, loss of trust in '
                                       'handling sensitive data)',
            'data_compromised': ['addresses',
                                 'personal contact details',
                                 'photos of affected homes'],
            'identity_theft_risk': 'potential (personal data exposed)'},
 'initial_access_broker': {'high_value_targets': ['personal data of homeowners',
                                                  'defective block grant '
                                                  'scheme records']},
 'investigation_status': 'ongoing (Housing Agency working with Jennings '
                         "O'Donovan to ascertain details)",
 'references': [{'source': 'Irish Housing Agency (public statement)'},
                {'source': 'Charles Ward TD (100% Redress Party)'}],
 'regulatory_compliance': {'regulatory_notifications': ['Data Protection '
                                                        'Commissioner '
                                                        '(Ireland)',
                                                        'local authorities']},
 'response': {'communication_strategy': 'Direct outreach to affected '
                                        'applicants; public statements via '
                                        'Housing Agency and Charles Ward TD; '
                                        'notification to Data Protection '
                                        'Commissioner and local authorities.',
              'incident_response_plan_activated': True},
 'stakeholder_advisories': 'Housing Agency and Charles Ward TD have issued '
                           'public statements urging transparency and clarity '
                           'for affected families.',
 'title': "Cyber Attack on Jennings O'Donovan Affecting Ireland's Defective "
          'Block Grant Scheme',
 'type': ['data breach', 'cyber attack']}