More charities are being targeted by ruthless hackers
Hackers with ties to Russia have published personal data belonging to tenants and staff of a Highland housing association.
Albyn Housing Society experienced a cyber attack on 17 August for which hacking gang RansomHub claimed responsibility.
It amounts to around 10GB of personal data being published on the dark web.
Kirsty Morrison, chief executive of Albyn Housing Society, said: “Albyn Housing Society has been subject to a cyberattack in which our data systems were illegally accessed.
“As soon as we became aware of this, we have been working round the clock to minimise the potential impact of this, and working with all relevant agencies and any stakeholders affected.
“It is devastating that a charity whose main focus and purpose is to maintain and build homes, and support communities and individuals, has been targeted in this manner.
“We would like to thank all agencies who have supported us since the incident occurred.”
Albyn, which started in 1973 by building homes for the incoming workers at Invergordon smelter, now manages over 3,800 properties in 70 communities across the Highlands.
According to a security advisory from the FBI, RansomHub amassed at least 210 victims since its creation in February this year and aims to become the world's biggest hacking platform.
Criminals can use RansomHub to infiltrate an organisation’s data then ask for a ransom. If the sum demanded is not paid in crypto currency, they release the data usually on the dark web for other criminals to steal.
A Police Scotland spokesperson said: “On Monday, 19 August, 2024, we received a report of a cyber incident having impacted a business premises in Invergordon. Enquiries are at an early stage, and we are providing support to those affected.”
Jude McCorry, chief executive of the Cyber & Fraud Centre – Scotland, told Futurescot, the digital news outlet for Scotland’s public services: “The attack on Albyn Housing is a reminder to all organisations that the threat of cyber attacks is very real in Scotland, and no one is immune to this threat. Organisations can make themselves more resilient against attacks but also prepare themselves for an attack.
“I would recommend that organisations keep up with software/patch updates, provide training for staff, build and test your incident response plan and have a good cyber culture from the board down.
“There are lots of free or cost-effective resources that you can use to help you on your cyber journey.”