Data from charities stolen in ransomware attack

/in


Stock image of computer code

Stock image of computer code

Hackers have stolen data from charities and community organisations in a cyber attack on a Londonderry-based IT company.

Evide manages data for about 140 organisations across the island of Ireland and the UK, including groups that work with victims of sexual crime.

It was targeted in a ransomware attack last month.

Specialist cyber crime officers from the Police Service of Northern Ireland (PSNI) are investigating.

“Enquiries, in conjunction with our national partners, are ongoing,” a PSNI spokeswoman said.

“As such, it would be inappropriate to comment further at this time.”

Phone numbers

Belfast-based charity and social enterprise Orchardville is one of the organisations involved.

Its database has information about participants and next of kin contacts – but no financial details are held.

In a letter to service users seen by the BBC, Orchardville said it was not yet known how much of its data, if any, had been accessed.

“But we wanted to make you aware of what has happened as soon as possible so that you can be more alert to any suspicious attempts to contact you,” the organisation said.

Dublin-based One in Four, a charity that works with adults who have experienced childhood sexual abuse, has been contacting users.

Its chief executive Maeve Lewis told RTÉ’s Good Morning Ireland programme that data including phone numbers and email addresses has been stolen.

Computer keyboard

Computer keyboard

“We were told by the cybersecurity experts that that data is very valuable because it can be sold to people who then go on to commit or try to commit fraud, by for example, getting bank account details or other personal data,” she said.

She said more than 1,000 people who have engaged with the charity may be affected and the charity had managed to contact about 500 of them to date.

“We do know that any attachments, any letters, any reports for example, to child protection services, they have not been accessed,” she added.

It is understood three other Republic of Ireland sexual abuse charities have been affected.

‘Unusual traffic’

Evide said it had became aware of the incident when unusual traffic was detected on its network.

“As soon as we became aware that a third party had…

Source…