Northern Ireland

Social exclusion charity Extern “urgently reviewing” impact of data breach following ransomware attack

Homeless support investigating whether sensitive data was leaked on dark web by hackers

Extern in Rosemary Street, Belfast. PICTURE: MAL MCCANN
Extern's office in Belfast's Rosemary Street. The charity confirmed it was targeted in a criminal ransomware attack earlier this month. PICTURE: MAL MCCANN

A charity working with some of the most vulnerable people in society is “urgently reviewing” the implications of a criminal ransomware attack that saw data leaked on the dark web.

Extern, which is headquartered in Newtownabbey, said it became aware of the illegal disclosure of its data on April 12.

Alongside the homeless, the charity also supports people living with mental health issues, addiction and those dealing with the impact of suicide,

It operates from locations all over the island of island.

It’s understood data belonging to the charity was published on the dark web around two weeks ago.

Extern said an operation involving the PSNI’s cyber security unit managed to remove the data from the data on April 17.

The charity told The Irish News that no ransom was paid, but it is now working to examine the full extent of the data breach.

In a statement, Extern said: “We immediately instigated our incident response procedure, reporting the disclosure to the PSNI and An Garda Síochána and, with the support of external cyber security specialists, engaged in containment and investigation of the breach.

“Thanks to the support and the swift action of the PSNI cyber security unit, law enforcement was able to have this data removed on Wednesday 17th April.

“We are urgently reviewing the recovered data in order to understand the potential risks arising,” continued the statement.

“While this will take time to complete, we want to reassure those that use our services that we are taking all necessary steps to do so swiftly and will make contact with them should they be affected.

“Extern’s front line service delivery has not been impacted and services continue as normal.

A PSNI spokesperson confirmed a report of a cyber incident affecting a local charity was received on April 9, which was referred to specialist detectives in its cyber crime unit.

A spokesperson for Extern said while the charity became aware of a cyber incident on April 9, it did not become aware of the data breach until April 12.

Organisations such as charities are required to notify the UK Information Commissioner’s Office (ICO) no later than 72 hours of becoming aware of a personal data breach.

An ICO spokesperson said: “Extern Group reported an incident to us and we are making enquiries.”

Simon Whitaker who heads Belfast cyber security firm Vertical Structure and chairs the north’s cyber security cluster, Cyber NI, said while organisations are trying hard to protect themselves from malicious hackers, many still require significant support.

“It’s particularly devastating to hear when a charity that works hard to help so many is impacted by a malicious attack of this nature,” he said.

“The recent scheme from the UK National Cyber Security Centre to support charities through the basic cyber hygiene standard of cyber essentials showed how much work still needs to be done.”