I was a bit unsure where to put this one, but I guess I'll present it as a consumer concern about the capacity of the Irish DPC, therefore consumer issues..
Go the the DPC website. Look for Case Studies, now 2017, cases 16 and 17. Spot the mistake.
I tried to contact them on their website, privately, but they stop you, saying if you don't have a legitimate data breach concern, don't contact. Ok then!
It does trouble me that they are responsible for EU-wide data issues in so many cases. But anyone who has done their background on this lot knows about the lame-duck appointments agreed as far back as Enda Kenny.