The Scottish Association for Mental Health (SAMH) has fallen victim to a ransomware attack which has disrupted IT services.
While the extent of the incident is yet to be revealed, a statement released by the charity noted that email and phone services had been severely disrupted.
“SAMH is currently dealing with an IT incident, which is affecting our colleagues’ ability to receive and respond to emails across both our national and local service locations. Some of our national phone lines are also affected,”” the statement reads.
According to reports from IT Pro, the attack was first revealed online by cybersecurity researcher, Sofiane Tahiri.
In a post on Twitter, Tahiri revealed they had discovered more than 12Gb of data belonging to the charity on the dark web.
Data exposed in the cyber-attack appears to include sensitive personal information such as names, addresses, email addresses and passport information.
Dirty work from #RansomEXX #ransomware group who just added SAMH (Scottish Association for Mental Health) to their victim’s list. +12Gb of data leaked@Ransomwaremap @SOSIntel @Cyberknow20 pic.twitter.com/YUf3doqLFQ
— Soufiane Tahiri (@S0ufi4n3) March 21, 2022
In a follow-up statement, Chief Executive Billy Watson confirmed the incident, describing it as a “sophisticated and criminal cybersecurity attack.”
“We are devastated by this attack. It is difficult to understand why anyone would deliberately try to disrupt the work of an organisation that is relied on by people at their most vulnerable,” he said.
“Our priority is to continue to do everything we can to deliver our vital services. My thanks to our staff team who, under difficult circumstances, are finding ways to keep our support services running to ensure those they support experience as little disruption as possible.”
Watson revealed the organisation is responding to the attack and is in close communication with Police Scotland and “various agencies”.
A cybercriminal gang behind ‘RansomEXX’ has since claimed responsibility for the attack, adding the charity to an extensive list of victims online.
RansomEXX has previously been used in a number of high-profile breaches, including attacks against government systems in both the United States and Italy.