Advertisement

We need your help now

Support from readers like you keeps The Journal open.

You are visiting us because we have something you value. Independent, unbiased news that tells the truth. Advertising revenue goes some way to support our mission, but this year it has not been enough.

If you've seen value in our reporting, please contribute what you can, so we can continue to produce accurate and meaningful journalism. For everyone who needs it.

Alamy Stock Photo

Bus Éireann published commercially sensitive material on dozens of companies on website

The information included the contract details for more than 100 school bus routes.

BUS ÉIREANN HAS notified the Data Protection Commission after it published commercially sensitive material for up to 80 companies on a procurement website.

It said it “inadvertently” released the information containing details for the contracts and pricing of 119 school bus routes used over the past five years.

The names of the nearly 80 coach companies involved in the scheme were also included, it is understood.

One industry source warned that ramifications arising from the breach include a danger that small coach companies in the sector may be undercut by larger competitors due to the prices being revealed.

The semi-state is contracted to run the school transport scheme but the vast majority of routes are handled by private operators.

It uploaded a new tender for the nation’s school bus routes on a procurement portal last Friday 12 July but had mistakenly included the commercially sensitive information about the companies.

The new tender scheme covers school bus routes for the next five years.

In a statement to The Journal, Bus Éireann confirmed that a “data breach did occur” through its schools transport procurement portal and that it concerned the “rate for contracts” that expired last month.

The company said it had assured transport operators that the breach was an “isolated incident” due to “human error” and that it “regrets that this unintentional incident” ever occurred.

“Bus Éireann wish to assure all school transport operators this is an isolated incident and that we are taking appropriate steps to address matters through enhanced controls to ensure the continued integrity of the School Transport procurement process.”

It said the contract details were “uploaded to the site at approximately 9pm” last Friday 12 July and stressed that the “error was discovered at approximately 9.15am” the following morning. The company said it quickly removed the material from the site following this.

However, some coach companies saw the information in the few hours it was available.

The Journal has learned that the company has since had to contact some coach companies this week asking them to “immediately delete” contract details that were downloaded last week.

A spokesperson for the Coach Tourism and Transport Council, the largest representative body in the country for commercial bus operators, said that it had has been engaging with Bus Éireann on the “alleged breach of operators’ data”.

“We continue to provide support and advice to all of our members on any issues affecting their business. We have no further comment to make at this time.”

Readers like you are keeping these stories free for everyone...
A mix of advertising and supporting contributions helps keep paywalls away from valuable information like this article. Over 5,000 readers like you have already stepped up and support us with a monthly payment or a once-off donation.

Close
JournalTv
News in 60 seconds