- 17 Apr 23
Approximately 2,000 are believed to be affected by the attacks, half of which are understood to be survivors of abuse.
Over 1,000 survivors of sexual abuse have had their data stolen following a recent ransomeware attack on a company based in Northern Ireland.
The company, Evide, manages data for around 140 charities and non-profit organisations around Ireland, six of which were the targets of the recent attack. Four of these six organisations manage the information of sexual abuse survivors.
A spokesperson for Evide confirmed that the Derry-based company contacted the police and cyber security specialists as soon as they became aware of the breach, and are now aiding in the PSNI Cyber Crime Investigation team's criminal investigation into the attack, alongside the gardaí.
It is believed that the hackers may have attempted to contact the afflicted organisations for ransom payments, but no money has yet changed hands.
Speaking on RTÉ's Morning Ireland, former special adviser to Europol, Brian Honan, said: "The goal for the criminals is to make money and we are seeing a shift in tactics by cyber criminals towards targeting service providers like this because the criminals believe that there's going to be extra pressure brought to bear by the customers of that service provider for these ransoms to be paid... ultimately, their goal is to make money and they will stoop to any depths to do that."
This was a supply chain attack, Honan asserted, one in which there is extra pressure for the host company to comply with ransom demands, as the company's clients are also victims of the hack. However – as of now – none of the stolen material has been published to the darkweb or any other internet forums.
One of the organisations who had information stolen was Dublin-based One in Four, a charity which seeks to end cycles of abuse, featuring programmes which support victims of childhood sexual exploitation and those who have engaged in harmful sexual behaviour.
"Our priority at all times is to the welfare and wellbeing of our clients," read a statement on the organisations website. "We have begun contacting individual clients directly to advise them of the incident and to address any concerns they may have."
The organisation has also set up a helpline for victims of the hack, which went into operation today.
In conversation with RTÉ’s Morning Ireland, One in Four chief executive Maeve Lewis urged people to be wary of suspicious emails and text messages.
“We have become aware that our clients’ personal data has been accessed so that means email addresses, phone numbers and so on have been accessed,” she confirmed, adding:
“We’re being told by cyber security experts that that data is very valuable because it can be sold to people who then go on to try and commit fraud. We’ve been reaching out to people and trying to contact people individually for the last week or so. If they’ve not heard from us, they can access support and information on our website.”