Advertisement

We need your help now

Support from readers like you keeps The Journal open.

You are visiting us because we have something you value. Independent, unbiased news that tells the truth. Advertising revenue goes some way to support our mission, but this year it has not been enough.

If you've seen value in our reporting, please contribute what you can, so we can continue to produce accurate and meaningful journalism. For everyone who needs it.

Alamy Stock Photo

Hackers seek service user and financial data in cyberattack on disability services charity

Data has been accessed externally from some of the Rehab Group’s servers, an investigation has found.

HACKERS HAVE EXTERNALLY accessed data held by a charity providing disability services in Ireland as part of a cyberattack.

Minister of State Ossian Smyth, with responsibility in the government for cybersecurity, has said the perpetrators are trying to obtain service user data and threaten to delete or release it. 

The Rehab Group, which provides supports for disabled adults and children, is the victim of a cyberattack on some of its IT systems that it notified the Data Protection Commission of two weeks ago.

An investigation into the attack has found that some data has been accessed externally from some of the charity’s servers.

The National Garda Cyber Crime Bureau and the National Cyber Security Centre are investigating the attack on Rehab’s IT systems.

In a statement, Rehab said that since informing the DPC about the attack, it has deployed its “full resources and engaged external, specialist expertise to undertake a forensic investigation of the nature and extent of the attack on our data servers”.

“We have also engaged with the National Garda Cyber Crime Bureau and the National Cyber Security Centre from the outset and will continue to do so. We are communicating information as the position becomes clearer to advise and educate our stakeholders following this callous attack on our organisation,” the statement said.

In the wake of the finding that some data has been accessed externally from some of its systems, Rehab has updated the Data Protection Commission.

Its Serious Incident Management Team is working alongside the experts to determine what data has been accessed.

“This could potentially involve employees and people who use our services. We are working hard to ascertain to what extent the accessed data comprises personal data, and to whom such personal data may relate,” Rehab said.

“We have further enhanced our monitoring capabilities since the attack and to date, there is no evidence that any data from our organisation has been used inappropriately. There is also no evidence that some recently reported scams are linked to this cyber-attack.

“Unfortunately these scams reflect the nature of the cyber-security environment we are operating in, where these events are becoming more common-place,” it said.

The people who use, work and live in our services remain our number one priority. There has been no disruption to services to date because of this attack, and we will work to ensure this remains the case.

“We will continue to engage with our employees, people who use our services and key stakeholders throughout the coming days and weeks to ensure everyone remains updated and is fully informed of any significant changes arising from our continued investigation.”

Speaking on RTÉ Radio One’s Morning Ireland today, Minister of State Ossian Smyth outlined that there are three types of cyber threats that Ireland is monitoring.

“There are those that come from nation-states where they’re trying to destroy infrastructure, where they’re trying to wipe out something. That is a destructive attack.”

He said the threat of such an attack on Ireland is believed to be low at the moment.

“There are espionage threats, where a foreign government is trying to collect information on citizens or collect intelligence, the minister said.

“We think that the threat of that is now high with the war that’s going on,” he said.

“And then there’s the general, the most common thing, which are the criminal attacks where someone is trying to get money, like the ransomware attack in the HSE, and we think that’s at a constant level at the moment.”

Smyth described the attack on Rehab as a “plain vanilla ransomware criminal attack where they were trying to obtain money in exchange for blackmailing Rehab with threats of destroying their data or publishing their debt”.

“They’re trying to get patient data, they’re trying to get financial data, they’re threatening to publish it and destroy it.

“There is a garda investigation into that – I don’t think I’m allowed to comment on the progress of that, but there is a guard investigation.

“At this stage, we can’t say whether people’s data has been breached or any data has been lost, but all the right things are being done to deal with it.”

Readers like you are keeping these stories free for everyone...
A mix of advertising and supporting contributions helps keep paywalls away from valuable information like this article. Over 5,000 readers like you have already stepped up and support us with a monthly payment or a once-off donation.

Author
Lauren Boland
View comments
Close
Comments
This is YOUR comments community. Stay civil, stay constructive, stay on topic. Please familiarise yourself with our comments policy here before taking part.
Leave a Comment
    Submit a report
    Please help us understand how this comment violates our community guidelines.
    Thank you for the feedback
    Your feedback has been sent to our team for review.

    Leave a commentcancel

     
    JournalTv
    News in 60 seconds