St John Ambulance hit with ransomware attack

• The ransomware attack impacted everyone who had opened an account, booked or attended a St John Ambulance training course until February 2019.
• The data includes names of those who booked and attended the course, course details, contact information, costs, invoicing details, and driving license data.

What is the issue?

St John Ambulance, the nation’s leading first aid charity suffered a ransomware attack compromising the data belonging to individuals who undertook a training course.

The big picture

St John Ambulance became aware of the ransomware infection on July 2, 2019. Upon which, the first aid charity temporarily blocked access to the infected system. The charity organization confirmed that the attack did not impact its operational systems.

• St John Ambulance notified the Information Commissioner's Office (ICO), the Charity Commission, and the police authorities about the incident.
• It has hired third-party cyber experts to enhance its security mechanism in order to protect its data systems.
• The organization confirmed that the issue was resolved immediately within half an hour.

“We work as hard as we can to protect our data systems from these types of attacks and employ a range of third party partners and cyber-crime solutions to continually update our protection,” St John Ambulance said.

What was the impact?

• The incident has impacted everyone who opened an account, booked or attended a St John Ambulance training course until February 2019.
• The data includes names of those who booked and attended the course, course details, contact information, costs, invoicing details, and driving license data.
• However, no credit card details or customer passwords were compromised.

“The only data that has been affected relates to our training course delivery. It does not cover supplies, events, ambulance operations, volunteering, volunteer, data, employee data, clinical data or patient data,” St John Ambulance said.