At 9.00am on Tuesday 2 July, St John Ambulance was subjected to a ransomware attack. This did not affect their operational systems and they resolved the issue within half an hour.
The organisation said it was “confident” that data has not been shared outside of St John Ambulance, it also stated that the data of everyone who has opened an account, booked or attended a training course until February 2019 was affected.
No payment systems were affected as they are processed by Barclaycard SmartPay, and then go straight to their bank and are therefore are not stored with St John Ambulance.
St John Ambulance confirmed that it has informed both the Information Commissioner’s Office (ICO) and the Charity Commission about the breach, along with the police.
Further details can be found here.