‘A plain, vanilla criminal attack’ – charity Rehab hit by hackers with employee and service user data potentially compromised
The Rehab Group has confirmed that data belonging to its employees and people who use the service may have been compromised during a recent cyberattack.
The minister with responsibility for eGovernment described the incident as a “plain, vanilla ransomware, criminal attack where they were trying to obtain money”.
The charity, which provides disability services for over 10,000 adults and children, has confirmed that it was the victim of cyber attack two weeks ago and since then it has been working with the Data Protection Commission and cyber security experts to assess and repair the damage caused.
The Rehab Group has described the attack on “some of its IT systems” as “callous”.
The charity said it has deployed all available resources and engaged external, specialist expertise to undertake a forensic investigation of the nature and extent of the attack on its data servers.
It said the team of experts are continuing to work through the investigation and are supporting the charity to bring its systems safely back online.
“We have updated the Data Protection Commission on this development today. Our Serious Incident Management Team is working hard, in tandem with the experts to determine what data has been accessed,” the Rehab Group said it a statement.
“This could potentially involve employees and people who use our services. We are working hard to ascertain to what extent the accessed data comprises personal data, and to whom such personal data may relate.
“We have further enhanced our monitoring capabilities since the attack and to date, there is no evidence that any data from our organisation has been used inappropriately. There is also no evidence that some recently reported scams are linked to this cyber-attack. Unfortunately these scams reflect the nature of the cyber-security environment we are operating in, where these events are becoming more common-place.”
The charity has engaged with the National Garda Cyber Crime Bureau and the National Cyber Security Centre.
The Rehab Group said it is communicating information as the position becomes clearer to advise and educate its stakeholders.
The statement added: “The people who use, work and live in our services remain our number one priority. There has been no disruption to services to date because of this attack, and we will work to ensure this remains the case.
“We will continue to engage with our employees, people who use our services and key stakeholders throughout the coming days and weeks to ensure everyone remains updated and is fully informed of any significant changes arising from our continued investigation.
The Rehab Group is urging everyone to take the usual precautions and to never disclose personal details if they receive unsolicited contact from an unknown source.
The attack on the Rehab Group follows several high-profile cyber breaches, including one that crippled the HSE last year and more recently attacks on the National University of Ireland Galway and the RDS.
Minister of State with responsibility for eGovernment Ossain Smyth took up the position just days before the attack on the HSE.
He said the latest breach at the Rehab Group was financially motivated.
“The Rehab [Group attack] was a plain, vanilla ransomware, criminal attack where they were trying to obtain money in exchange for blackmailing the Rehab with threats of destroying their data or publishing their data,” he told RTÉ’s Morning Ireland programme.
“They were trying to get patient data, they were trying to get financial data, they are threatening to publish it and they are threatening to destroy it.”
He added: “At this stage we can’t say whether people’s data has been breached or whether any data has been lost but all the right things are being done to deal with it.”
Found this interesting? Then check our main news page where you can find all articles related to Crypto, Crime, Darknet, Security and much more!
