This website uses cookies for anonymised analytics and for account authentication. See our privacy and cookies policies for more information.





The voice of Scotland’s vibrant voluntary sector

Published by Scottish Council for Voluntary Organisations

TFN is published by the Scottish Council for Voluntary Organisations, Mansfield Traquair Centre, 15 Mansfield Place, Edinburgh, EH3 6BB. The Scottish Council for Voluntary Organisations (SCVO) is a Scottish Charitable Incorporated Organisation. Registration number SC003558.

Big Issue apologises for personal data breach after ransomware attack

 

The social enterprise has made the authorities aware

A campaigning social enterprise behind one of the world’s biggest street newspapers has been forced to apologise after personal data was compromised in a ransomware attack. 

The Big Issue Group fell victim to the incident in March this year, with individuals’ addresses and bank account details affected. 

Both the UK Information Commissioner's Office and law enforcement have been made aware of the incident.

Advice has now been sent to those affected, and an apology provided. 

In a letter sent to those affected, chief operating officer of the Big Issue Group, Keren Segal, wrote: “We are writing to you to make you aware of a ransomware incident the Big Issue Group (BIG) became a victim of in late March 2024. Upon discovery of the incident, we immediately engaged third party cyber security experts and took steps to contain the incident and recover our systems. Since then, we have, along with our third-party advisers, been taking steps to understand the wider impact of this incident, including undertaking a complex IT investigation.

“Our investigation into the incident is in its final stages and unfortunately, we have determined that some of your personal data has been impacted. We understand this may cause concern and we are sorry for this.

“We take IT security and privacy matters incredibly seriously and, again, we are sorry for any concern caused. Whilst no organisation can guarantee absolute security given the ever-present cyber security challenge we all face - recent news stories demonstrate the size and scale of this issue – we, along with third party experts have undertaken an exhaustive IT investigation in respect of this incident, and we will continue to review the security processes we have in place on an ongoing basis.

“The Big Issue Group exists to support those living at the sharp end of poverty, who are facing barriers to opportunity. This was an abhorrent act against our social enterprise and the causes we work to promote. Critically, despite the incident our staff continued to deliver against our mission to change lives through enterprise.”

Any organisations in a similar situation can find support on the CyberScotland Third Sector website.

 

Comments

Be the first to comment