A Salvation Army spokesperson confirmed the evangelical Christian church and charity was compromised, and said it alerted regulators in the UK. She told us: “We are investigating an IT incident affecting a number of our corporate IT systems. We have informed the Charity Commission and the Information Commissioner’s Office, are also in dialogue with our key partners and staff and are working to notify any other relevant third parties... We can also confirm that our services for the vulnerable people who depend on us are not impacted and continue as normal.”
Sally Army staff and volunteers should keep a close eye on bank statements for mysterious transactions, and for correspondence suggesting new accounts have been opened with financial service providers. Ransomware gangs typically resell stolen information to other criminals for further exploitation.