St John Ambulance hit by ransomware attack

The first-aid charity says it dealt with the situation in 30 minutes and no data was lost

St John Ambulance has been hit by a ransomware attack, the charity has revealed.

The charity said in a statement that the ransomware attack happened on 2 July at 9am, but was dealt with within 30 minutes and did not affect operational systems.

The first-aid charity said it was confident that the attack, which targeted its course booking system, had not resulted in the theft of any data.

Information targeted included the names of people attending courses, contact details, course details and invoicing details.

Everyone who attended a course carried out by the charity until February 2019 will have been affected, the charity said.

Bank card details were not stored on the system targeted or by the charity, so were unaffected by the attack.

No ransom was paid, the charity said.

It has notified the police, the Charity Commission and the Information Commissioner’s Office

A spokeswoman for St John Ambulance said: "We take the security of our data very seriously and would like to reassure everyone who has received an email from us about this recent incident that we are confident no data has been shared outside of St John Ambulance.

"Our IT teams worked hard to isolate and resolve the issue as soon as we became aware of it and no ransom was paid.

"We are undertaking a review to examine how attackers were able to gain access to block the system, and we are putting processes in place to guard against this happening again."

Have you registered with us yet?

Register now to enjoy more articles and free email bulletins

Already registered?
Sign in
Follow us on:

Latest Digital Jobs

RSS Feed

Third Sector Insight

Sponsored webcasts, surveys and expert reports from Third Sector partners


Expert hub

Insurance advice from Markel

How bad can cyber crime really get: cyber fraud #1

How bad can cyber crime really get: cyber fraud #1

Promotion from Markel

In the first of a series, we investigate the risks to charities from having flawed cyber security - and why we need to up our game...