wordpress blog stats
Connect with us

Hi, what are you looking for?

International Child Rights Org Save The Children Hit By Ransomware, Around 7TB Data Stolen

As per reports, Cybercrime group BianLian claimed on its website that it had carried out the attack, adding that it had stolen 6.8 TB of data including HR files, personal data and financial records.

We missed this earlier: International child rights organisation ‘Save the Children’ was hit by a ransomware attack by cybercrime group ‘BianLian’ early September compromising crucial financial and health data from the nonprofit’s website, according to a report by The Register, a London-based technology news publishing website.

What is a ransomware attack?  A ransomware is a malware “designed to deny a user or organization access to files on their computer” by encrypting these files and demanding a ransom payment for the decryption key from the user.

According to The Register’s report, BianLian claimed on its website that it broke into the IT systems of the NGO and stole 6.8TB of data, which they said, included “international HR files, personal data, and more than 800GB of financial records” along with email messages.

What did Save The Children say?

In a statement reproduced by The Register, Save the Children International confirmed that the team recently experienced an “IT incident involving unauthorised access to part of our network”, but stated that this did not disrupt operations.

The organisation informed that, “We are working hard with external specialists to understand what happened and what data was impacted so we can take all the appropriate next steps. This process is complex and takes time, but remains our absolute priority. Our systems are also secured, and we are confident in the ongoing integrity of our IT infrastructure.”

Article continues below ⬇, you might also want to read:

Who is BianLian?

According to the United States government’s cybersecurity website, BianLian is a ransomware developer, deployer, and data extortion cybercriminal group that has critical infrastructures in multiple departments across several countries, including US and Australia. The group actors are particularly involved in extorting money by threatening to publish the stolen data to a leak site and also warn of financial, business, and legal ramifications if payment is not made by the victim company.

“BianLian group engages in additional techniques to pressure the victim into paying the ransom; for example, printing the ransom note to printers on the compromised network. Employees of victim companies also reported receiving threatening telephone calls from individuals associated with BianLian group,” the US government informed.

Why it matters: Save the Children works with around 25,000 employees across 116 countries, and has membership from 30 other countries, including India. The global child rights organisation primarily responds to national emergencies that impact child rights and initiates programmes that cater to children’s development across the world. Naturally, the organisation holds data of supporting organisations, employees, spanning countries across the globe, and most importantly locally-relevant information on children’s health as well as education data. A cyberattack can compromise personal data of thousands of people, raising concerns of misuse of such information, privacy and safety of the employees.  In July, the organisation had informed of another cyberattack at one of the vendors, Blackbaud, which provided tools and management resources for nonprofits across the world.

As per India’s Digital Personal Data Protection Act, the Data Protection Board can impose a penalty of Rs 250 Crores if an entity fails to take “reasonable security safeguards” to prevent personal data breach. While the organisation has initiated investigation with relevant authorities, it is worth checking how the local governments would address such incidents as per their data protection laws.

STAY ON TOP OF TECH NEWS: Our daily newsletter with the top story of the day from MediaNama, delivered to your inbox before 9 AM. Click here to sign up today!


Written By

Curious about privacy, surveillance developments and the intersection of technology with education, caste and welfare rights.

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



Is open-sourcing of AI, and the use cases that come with it, a good starting point to discuss the responsibility and liability of AI?...


RBI Deputy Governor Rabi Shankar called for self-regulation in the fintech sector, but here's why we disagree with his stance.


Both the IT Minister and the IT Minister of State have chosen to avoid the actual concerns raised, and have instead defended against lesser...


The Central Board of Film Certification found power outside the Cinematograph Act and came to be known as the Censor Board. Are OTT self-regulating...


Jio is engaging in many of the above practices that CCI has forbidden Google from engaging in.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ