Four organisations that deal with victims and survivors of rape and sexual abuse have had their data stolen following a ransomware attack on a company in Northern Ireland.
The company, Evide, which is based in Derry and manages data for around 140 charities and non-profit organisations in Ireland, Northern Ireland and the UK, was targeted by cyber criminals last month.
A spokesperson for Evide confirmed last night that as soon as it became aware that its systems had been accessed, it contacted the police and engaged cyber security specialists to help it contain the issue and support recovery efforts.
None of the material stolen, which is described as “highly sensitive and personal information”, has so far been published on the ‘Darknet’ or other online forums.
RTÉ News understands that a ransom has been sought but none has been paid.
The four organisations are in Dublin and the south of the country and include One in Four, which helps adults who have experienced childhood sexual abuse and their families and those who have engaged in harmful sexual behaviour.
One in Four said it has so far contacted around 500 people whose personal information may have been stolen. It has also set up a helpline for victims which will operate from today.
CEO Maeve Lewis has asked people with concerns to go to their website for information on the helpline and other supports.
Speaking on RTÉ’s Morning Ireland, Ms Lewis said One in Four is not fully sure what data has been stolen.
“The data which was stolen included personal information. There would also have been short records of people’s engagement in our services – that is stored separately. So we really don’t know what the situation is with that data. We do know that any attachments, any letters, any reports for example, to child protection services, they have not been accessed.”
Ms Lewis said the most valuable information that has been accessed is personal data, which can be very valuable to hackers.
“We were told by the cybersecurity experts that that data is very valuable because it can be sold to people who then go on to commit or try to commit fraud, by for example, getting bank account details or…other personal data,” she said.
It is believed around 2,000 victims, survivors and suspected perpetrators may have been affected in Ireland, along with other organisations and individuals in Northern Ireland and the UK.
Evide said it became aware of the security breach when unusual traffic was detected on its network late last month and discovered its systems had been compromised.
It contacted the PSNI, which has commenced a criminal investigation.
Police in Derry confirmed that it had received a report of a cyber incident from a local business on 30 March.
The attack is being investigated by specialist detectives from the PSNI Cyber Crime Investigation team.
Gardaí say they are assisting the PSNI in its investigation and the National Cyber Crime Bureau has been providing advice to a number of companies.
The Data Protection Commissioner has also confirmed that it has received a number of data breach notifications.
In a statement to RTÉ News, a spokesperson for Evide said: “We recently became aware of an incident when unusual traffic was detected on our network.
“As soon as we became aware that a third party had accessed our systems we immediately contacted the PSNI and engaged the services of experienced cyber-security specialists to assist us to contain the issue, support recovery efforts, and conduct a thorough investigation.
“We have provided notifications to all relevant stakeholders and clients and also notified the relevant authorities, including the Police Service of Northern Ireland who notified An Garda Síochána. The incident is now also subject to a criminal investigation.”
Talk to Cyber Security Company LoughTec today on how we can protect you from ransomware attacks with 24/7/365 real-time response. For more information on Cyber Security for your organisation, contact LoughTec Telephone: +44 (0) 28 8225 2445 or email info@loughtec.com
https://www.rte.ie/news/2023/0417/1377329-data-ransomware/
