March 27, 2024 at 07:05AM
The Big Issue’s parent company is dealing with a serious cybersecurity incident claimed by the Qilin ransomware gang. The gang claims to have stolen 550 GB of company data, including sensitive personal information of company executives and employees, as well as subscriber data. The Information Commissioner’s Office has been notified, and the company is actively working with authorities to address the breach.
Key takeaways from the meeting notes:
– The Big Issue, a street newspaper and social enterprise for homeless people, has experienced a cybersecurity incident claimed by the Qilin ransomware gang. The gang claims to have stolen 550 GB of company data, including sensitive personal information and financials.
– CEO Paul Cheal and CEO of Big Issue Invest, Danyal Sattar, are among the individuals whose personal information has been leaked, including passport, bank details, and salary information.
– Employee and subscriber data, including personal email addresses, bank details, and financial information, is at risk due to the cybersecurity incident.
– The attack on The Big Issue, a leading social enterprise, is viewed as morally abhorrent, given its mission to support homeless populations and those facing poverty.
– The Big Issue Group is working with external IT security experts, authorities such as the NCSC, National Crime Agency, and the Metropolitan Police, and relevant regulators to address the incident.
– The Information Commissioner’s Office (ICO) has been notified and is assessing the information provided.
– Security expert Kevin Beaumont has noted the severity of the incident and the impact it could have on the organization, particularly considering the vulnerable population it serves.
– The Qilin ransomware gang, potentially of Russian origin, is behind the attack and is seeking ransom payment to resolve the matter.
– The incident is being made public to potentially speed up the negotiation process and increase regulatory pressure on the group to resolve the matter more quickly.
These clear takeaways provide a concise summary of the key points from the meeting notes regarding the cybersecurity incident involving The Big Issue and the actions being taken in response.