The charity organization Save the Children International revealed that it was hit by a cyber attack. The company disclosed the security incident after the ransomware gang BianLian listed the organization on its Tor leak site.
The BianLian extortion group claims to have stolen 6,8 TB of documents, including International HR data, international personal data. International financial data (over 800 GB), international medical and health data and international email correspondence.
A Save The Children spokesperson told Recorded Future News that the cyber attack had no impact on the operations of the organization. The organization notified law enforcement agencies and is working with external cyber security experts to investigate the security breach.
“There has been no operational disruption and the organization continues to function as normal to build a better future for children across the world. We are working hard with external specialists to understand what happened and what data was impacted so we can take all the appropriate next steps,” the organization’s spokesperson told Recorded Future News.
The BianLian ransomware emerged in August 2022, the malware was employed in attacks against organizations in various industries, including manufactoring, media and entertainment, and healthcare.
In July 2023, security firm Avast released a free decryptor for the BianLian ransomware to allow victims of the malware to recover locked files.
In July 2020, Save the Children suffered a data breach that was caused by a ransomware attack on cloud computing provider Blackbaud.
Blackbaud is a cloud computing provider that serves the social good community — nonprofits, foundations, corporations, education institutions, healthcare organizations, religious organizations, and individual change agents. Its products focus on fundraising, website management, CRM, analytics, financial management, ticketing, and education administration.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Save the Children)
Security Affairs Malware newsletter includes a collection of the best articles and research on malware…
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best…
Qualys warns of two information disclosure flaws in apport and systemd-coredump, the core dump handlers in Ubuntu, Red Hat Enterprise…
Meta stopped three covert operations from Iran, China, and Romania using fake accounts to spread…
The U.S. sanctioned Funnull Technology and Liu Lizhi for aiding romance scams that caused major…
ConnectWise detected suspicious activity linked to a nation-state actor, impacting a small number of its…
This website uses cookies.
