A victim of the Salvation Army cyber-attack has suffered identity theft at the hands of cybercriminals

Following initial reports of the data breach last June, criminals now appear to be using the personal information gathered during the Salvation Army ransomware attack to fraudulently open credit accounts using the victims’ details. CEL Solicitors is in talks with a victim of the Salvation Army data breach who has since been subject to identity theft.

Unfortunately, identity theft is a common occurrence after a cyber-attack. Criminals with this level of personal information may be able to take out credit and make payments in their victim’s name.

While many banking and business institutions do attempt to validate accounts opened in a person’s name, some can slip through the net. This can result in difficulties for the fraud victim with bills, invoices and even county court judgements (CCJs) being issued.


About the Salvation Army cyber security breach

First reported in June 2021, the Salvation Army was the target of a ransomware attack, by cyber-criminals who used malware to encrypt data to hold the organisation to ransom.

The charity state they immediately informed the Charity Commission and the Information Commissioner’s Office (ICO). They also alerted any relevant third parties in line with their procedures.

A letter, addressed to Salvation Army data breach victims, lists the data compromised as being “NI number, bank account or routing number, sort code, compensation amount, and personnel information”.

The damage caused by a cyber security breach like this goes far beyond just the impact of the ransomware itself. Victims who have had their data compromised may feel stressed and worried about what the criminals might do with their information. This can have a serious effect on a person’s mental health and wellbeing.

When the letter informing victims of the security breach incident was first sent, they indicated that there “is no evidence that this information has been misused or that the attacker intends to misuse it in the future”. This no longer appears to be the case.


Commenting on the Salvation Army data breach, Mark Montaldo, a director and data breach solicitor at CEL Solicitors, said: “Upon initial discovery of a data breach organisations are naturally keen to allay the fears of those affected. It’s therefore common for us to see reassurances around the potential misuse of data. The reality is cybercriminals hack companies for malicious reasons. In the case of the Salvation Army data breach, the initial goal was to extract a ransom. However, our client has since been subject to identity fraud, which will set alarm bells ringing for others affected. Ultimately, data is a valuable commodity which, in the wrong hands, can be used for illegal activity so you can never underestimate the potential fall-out.”


Rogue employees breach GDPR rules, use personal details to make inappropriate contact with customers.


What is a ransomware attack, like the one used in the Salvation Army Data Breach?

Ransomware attacks are commonly used by cybercriminals to target information held by a person or company. They can happen to anybody at any time and are often triggered when a person opens a file containing malware. This file could be in an email sent to a company and opened by an employee, or it could be hiding inside a dodgy website link.

After the ransomware has activated, it latches onto a file system and encrypts it. This means you no longer have access to your own files and require a special password to get them back. The criminals will then reach out and offer to ransom the password back, for a price. They may even threaten to sell the information or release it online if the ransom is not paid. The more important the information, the more they can charge.

In some cases, it may be possible to restore a backup of the information from before the ransomware. This is less useful when the information is sensitive in nature, as criminals can use it to cause further harm. Sensitive data can include banking details, personal information, or medical records.


About identity theft and GDPR breach claims

Identity theft often goes hand in hand with data breaches and ransomware attacks. Once criminals have the personal information of an individual, they may be able to open accounts or make purchases in their victim’s name.

Identity theft is particularly dangerous as criminals can saddle victims with large debts. They can do this by opening credit accounts, making purchases, and setting up payment contracts.

A person may not even know that they have been the victim of identity theft until they are sent a threatening letter by a debt collection agency!


Have you been affected by the Salvation Army cyber-attack? Make a data breach claim

If your information has been compromised because of a data breach, our team of experienced data breach solicitors are on hand to help.

We can help recover money lost to fraudulent scams and help claim compensation for the distress caused. In cases where criminals are attempting to open credit accounts under the name of their victim, it is especially important to seek help. If left alone criminals may be able to charge enormous sums of money in your name.

Tell CEL today for free initial legal advice on 0808 273 0900 or apply online. Our specialist data breach team are on hand to help guide you through the claims process.


Skip to content