Jump to content

Evide data breach

From Wikipedia, the free encyclopedia

The Evide data breach was a data breach caused by ransomware in Northern Ireland.[1][2][3][4][5][6]

Evide

[edit]

Evide is a company based in Derry which specialises in data storage and analysis for charities.[2] Evide manages data for around 140 organisations.[2] At least four of the affected organisations deal with survivors of rape or sexual abuse.[6]

Events

[edit]

Breach

[edit]

The Police Service of Northern Ireland has confirmed that it was contacted in March about a cyber attack and it was investigating.[3] Gardaí are cooperating with them, including the Garda National Cyber Crime Bureau.[3]

The charity One in Four was told of the breach on 5 April 2023.[2]

Disclosure

[edit]

The news of the breach was made public on 17 April 2023.[1][2][3][4][5][6][7]

Impact

[edit]

A number of organisations were affected, including the Dublin-based charity One in Four, which supports adult survivors of child sexual abuse. Maeve Lewis, CEO of One in Four, told RTÉ News that personal data, including phone numbers and email addresses had been stolen. However, letters and reports to child protection services were not taken. About 1000 people who had been engaged with One in Four might be affected. One in Four contacted Evide to ask them to take legal action against the attackers as One in Four was not directly attacked.[1][2][3][4][5]

Orchardville, an organisation based in Northern Ireland, said that it was not sure if any of its data was affected.[3][4]

Charities affected could be investigated by the Data Protection Commissioner.[2]

Reactions

[edit]

Ossian Smyth said the investigation was in early stages and urged caution as some stories circulating may not be true.[1]

See also

[edit]

References

[edit]
  1. ^ a b c d Clarke, Vivienne; Sheehy, Mairead (2023-04-17). "Abuse victims warned over 'dodgy emails' following ransomware attack". Irish Examiner. Retrieved 2023-04-18.
  2. ^ a b c d e f g Brennan, Cianan (2023-04-17). "Charities for abuse victims may face sanctions over data breach". Irish Examiner. Retrieved 2023-04-18.
  3. ^ a b c d e f "Cyber attack: Data from charities stolen in ransomware attack". BBC News. 2023-04-17. Retrieved 2023-04-18.
  4. ^ a b c d Boland, Lauren (2023-04-17). "Investigation underway into cyber attack affecting charities for sexual assault survivors". TheJournal.ie. Retrieved 2023-04-18.
  5. ^ a b c McGreevy, Ronan; Clarke, Vivienne (2023-04-17). "Sex abuse survivors' charity One in Four victim of data breach". Irish Times. Retrieved 2023-04-18.
  6. ^ a b c Reynolds, Paul (2023-04-17). "Abuse victims' data stolen in ransomware attack". Retrieved 2023-04-18.
  7. ^ Jordan, Jeff. "Data breach investigation". Retrieved 17 June 2023.
[edit]
  • Evide - home page of the targeted company