Personal details of more than 500 GAA members have been stolen.
One man was arrested followed the security breach at Belfast company Servasport, which held the database.
The information taken includes postal and email addresses, phone numbers and in just over 500 cases, medical information.
In relation to the 501,786 members the database holds 288,511 dates of birth, 107,212 mobile numbers, 63,695 landline numbers, and 30,171 email addresses.
Around 167,000 of the members on the database are under 18. However, it is GAA policy that mobile phone or email details of under 18s should not be stored on any database.
The UK Information Commissioner is working on the case with the Republic's Office of the Data Protection Commissioner.
"The Office of the Data Protection Commissioner wishes to assure those affected that there is no evidence as yet that the data in question will be used for an illegal purpose or could be used to perpetrate identity theft on its own," said a spokesman.
"However, affected GAA members should be cautious in relation to any unsolicited contacts they receive through the post, over the phone or particularly via email that refer to their GAA membership and that seek to elicit further personal information."
The GAA has told all clubs of the incident and set up an information line for concerned members. The man was released on bail pending further police enquiries.
Consultants Deloitte has been engaged to undertake an independent review of Servasport and other suppliers of IT to the GAA. Information Line can be accessed on 1890 987 807 in the Republic of Ireland and 0800 0114787 in Northern Ireland.