The Big Issue says Qilin ransomware attack didn't impact publication and distribution business

The Big Issue, one of the UK’s leading social businesses, said it experienced a data security incident not long after threat actors listed it as a victim on a dark web leak portal.

 

The Big Issue is a street newspaper famous for creating earning opportunities for the homeless by paying them as vendors to distribute the magazine. The company says it supports “every vendor to run their own mini business, buying and selling the Big Issue magazine each week.” It sells the Big Issue magazine to vendors at £2 and vendors sell the magazine on to customers for £4, keeping the difference.

 

On March 23, the infamous Qilin ransomware group listed the Big Issue as a victim on its data leak site. The group claimed to be in possession of about 550 GB of data, including “personnel (copies of documents, personal data, etc.), contracts (all reports, partner data, etc.), finance (reports, transactions, income, etc.), Big Issue Invest (financial transactions, partners, contracts, etc.) and private & confidential and much more.”

 

The group also shared 12 screenshots of the data it allegedly stole from the company to prove that its claims were true. The sample data also contained at least 84 passports of employees, including board members, senior managers and vendors.

 

 

Acknowledging the ransomware group’s claims, The Big Issue’s chief executive Paul Cheal told Recorded Future News that the company indeed suffered a cyber attack last week.

 

“On becoming aware of this, we took immediate steps to restrict access to our systems, working with external IT security experts, and the investigation into the incident is ongoing.

 

“Thanks to the proactive steps taken, we have been able to begin restoring our systems and are operating with limited disruption. The publication and distribution of the Big Issue magazine is not impacted by this incident,” Cheal said.

 

The company has launched an internal investigation, with assistance from external cyber security experts, to verify the claims of the hacker group. It has also notified the National Cyber Security Centre (NCSC), the NCA, and the Metropolitan Police about the incident.

 

“In addition, we have notified relevant regulators and would like to thank our staff, partners, and suppliers for their patience whilst our investigation continues. This is a criminal act against our social activities and the causes we work to promote. We exist to support those living at the sharp end of poverty, who are facing barriers to opportunity.

 

“Critically our staff are continuing to support our vendors to earn a living by selling the Big Issue magazine, whilst also providing frontline support for vendors with access to advice and services, alongside making social impact lending available to social enterprises and other organisations we work with. Ensuring we continue to deliver against our mission to change lives through enterprise,” Cheal added.