Woodland Trust, a charitable trust organization that protects and restores woodland in England, Scotland, Northern Ireland, and Wales, was hit by a sophisticated, high-level cyberattack in December 2020. Woodland Trust stated that unknown attackers illicitly obtained access to the charity’s IT systems. The organization temporarily disconnected all its systems to prevent any further unauthorized access after being hit by the security incident. While there is no information on what data has been accessed by the threat actors, Woodland Trust claimed that an investigation is ongoing to determine the data loss.
“We believe the incident took place after 7 pm on December 14, 2020. As soon as we became aware of the incident, we took immediate action to mitigate the impact, appointing a number of third-party experts including forensic IT specialists and legal counsel, to determine the nature of the criminal activity,” Woodland Trust said.
Woodland Trust reported the security incident to the Information Commissioner’s Office (ICO), the Charity Commission, and the Police department. Besides, the organization has notified its supporters and partners and assured to alert individuals whose information may have been impacted in the incident, as per GDPR guidelines.
“Investigations of this nature take time due to the complexity of the work being carried out. As soon as new information becomes available, we will of course share further updates with you. In the event of confirmed data loss, we will identify and inform those affected immediately, in accordance with GDPR. As a precaution, we are encouraging all our supporters to be mindful of any suspicious activity, especially unexpected emails or phone calls from unknown sources or purporting to come from your bank. Your bank can also help you to protect your account further,” Woodland Trust added.