September 13, 2023

A group of cybercriminals known as BianLian reportedly claimed to have hacked into the IT systems of Save the Children International, a leading nonprofit organization that helps children in need around the world.

The hackers claim to have stolen 6.8 terabytes of data, including financial, health, and medical information. They are threatening to leak or sell the data if Save the Children does not pay a ransom.

According to VX-Underground and Emsisoft threat analyst Brett Callow, BianLian bragged on its website it had hit an organization that, based on the gang’s description of its unnamed victim, looks to be Save The Children International. BianLian stated that its victim, “the world’s leading nonprofit,” operates in 116 countries with $2.8 billion in revenues.

The BianLian ransomware group is known for targeting healthcare and critical infrastructure organizations. It reportedly made use of Go programming language, to evade endpoint protection measures.

In response to the threat posed by BianLian, both U.S. and Australian law enforcement agencies issued a joint advisory warning organizations to tighten their remote-desktop security. Save The Children also confirmed the breach, saying it is working to assess the scope of the data compromise.

The sources for this piece include an article in TheRegister.