Royal Free Charity donors hit by cyber criminals
Database company paid ransom to hackers after they seized personal details
10 August, 2020 — By Tom Foot
The Royal Free hospital in Pond Street, Hampstead
ROYAL Free Charity donors have been told to “be vigilant” after their personal information was stolen by hackers.
A letter sent out this week to 24,000 donors said a file containing addresses, contact details and the amount, date and reason for patient donations had been seized by cyber criminals. Of these, 120 donors had their bank account and sort codes taken.
A “ransom” was paid by the company that runs the Hampstead hospital Charity’s database, Blackbaud, which is now monitoring the “dark web” for any suspicious activity.
The letter from the Royal Free Charity said: “We were recently notified by Blackbaud, a company we use to manage our database of supporters, that there had been an illegal attack.
“One of our files, containing your information, was copied.”
The letter said the Charity – which manages all patients’ donations to the hospital – had only recently been notified of two attacks that happened on February 7 and May 20.
All donors have been written to by the charity but a spokeswoman said 120 had received a different letter warning their bank account and sort code details had been taken.
This did not mean their bank accounts could be directly infiltrated. No clinical information was taken in the attack.
Its letter said: “Blackbaud paid a ransom, which is apparently normal practice in these situations, then the people who illegally took the information confirmed they had destroyed it and had not passed it to anyone else.
“Blackbaud then assured that it has put in place significant extra security on its computer system so that this does not happen again.”
The attack on Blackbaud has affected more than 100 major institutions including universities and private schools across the country.
Non-profit organisations including Breast Cancer Now, Sue Ryder and the Urology Foundation have also been hit.
The firm has said it is monitoring the “dark web” – an encrypted sphere of the internet where criminal activity is rife – as a precaution.
Its statement added: “Because protecting our customers’ data is our top priority, we paid the cybercriminal’s demand with confirmation that the copy they removed had been destroyed.
“Based on the nature of the incident, our research, and third party (including law enforcement) investigation, we have no reason to believe that any data went beyond the cybercriminal, was or will be misused; or will be disseminated or otherwise made available publicly.”
The Royal Free said it had reported the breach to the Charity Commission and the Information Commissioner’s Office.