Evide is a company based in Derry which specialises in data storage and analysis for charities. Evide manages data for around 140 organisations. At least four of the affected organisations deal with survivors of rape or sexual abuse.
The Evide data breach was a data breach caused by ransomware in Northern Ireland.
Breach
The Police Service of Northern Ireland has confirmed that it was contacted in March about a cyber attack and it was investigating. GardaĆ are cooperating with them, including the Garda National Cyber Crime Bureau.
The charity One in Four was told of the breach on 5 April 2023
Disclosure
The news of the breach was made public on 17 April 2023.
Impact
The cyberattack that targeted several organizations, including the Dublin-based charity One in Four, has resulted in the theft of personal data such as phone numbers and email addresses. However, it was reported that letters and reports to child protection services were not compromised in the attack. Approximately 1,000 individuals who had been engaged with One in Four may have been affected by the breach. One in Four has reached out to Evide, presumably a third-party cybersecurity firm, to take legal action against the attackers since they were not directly targeted.
Orchardville, another organization based in Northern Ireland, expressed uncertainty about the extent to which their data was impacted by the attack.
Given the data breach and potential compromise of personal information, the affected charities may be subject to investigation by the Data Protection Commissioner, who oversees compliance with data protection regulations and ensures the protection of individuals’ personal data. The investigation aims to assess the organizations’ handling of the incident and determine if any breaches of data protection laws occurred.
Disclaimer : The information provided herein is on “as is” basis, without warranty of any kind.
