Share this article on:
The Qilin ransomware gang claims to have more than 500 gigabytes of data, including passport and driver’s license scans – including that of board members and vendors.
Scans of dozens of passports and driver’s licenses have been posted to the dark web leak site of the Qilin ransomware gang after the group claimed to have hacked UK publisher the Big Issue Group.
According to Qilin’s leak site, the hack took place on 23 March, though it appears to have been posted to the site overnight.
“A company that wants to hide the fact of hacking and leakage of personal data. About 550 GB of confidential data was downloaded,” a Qilin spokesperson wrote, before listing the data the gang is claiming to have:
Qilin has not revealed a deadline to share the data, nor the asking price of any ransom.
But what the gang has shared are 12 screenshots of data by way of proof-of-hack, and it does appear to be legitimate. Among the files are what appear to be complete lists of employees of the company’s various divisions, including personal addresses and other details, a payroll form, and a March 2024 letter approving the nearly £10,000 pay rise of a senior executive.
Also included are scans of at least 84 passports of employees, including board members and senior managers, as well as at least one passport belonging to a vendor.
A spokesperson for the Big Issue Group said that it is investigating the incident.
"Last week, the Big Issue Group experienced a cyber incident. On becoming aware of this, we took immediate steps to restrict access to our systems, working with external IT security experts, and the investigation into the incident is ongoing. Thanks to the proactive steps taken, we have been able to begin restoring our systems and are operating with limited disruption. The publication and distribution of the Big Issue magazine is not impacted by this incident," a Big Issue spokesperson told Cyber Daily via email.
"As part of our investigation, we’ve identified that certain data related to our organisation has been posted to the dark web by the perpetrators of this incident. We’re working with our external IT expert to complete our investigation as a matter of priority alongside the NCSC, the National Crime Agency, and the Metropolitan Police. In addition, we have notified relevant regulators and would like to thank our staff, partners, and suppliers for their patience whilst our investigation continues.
"This is a criminal act against our social activities and the causes we work to promote. We exist to support those living at the sharp end of poverty, who are facing barriers to opportunity. Critically our staff are continuing to support our vendors to earn a living by selling the Big Issue magazine, whilst also providing frontline support for vendors with access to advice and services, alongside making social impact lending available to social enterprises and other organisations we work with. Ensuring we continue to deliver against our mission to change lives through enterprise.”
The Big Issue Group is, according to the group’s website, “a growing social enterprise and B-corp”.
“The Big Issue Group brings together our media, investment, service and campaigning initiatives under a shared mission to create innovative solutions through enterprise, to unlock social and economic opportunity for the millions of people in the UK living in poverty,” the company says on its website.
“By 2027, we are aiming to have 11 million people every year engage with our products and services.”
The Big Issue Group is probably best known for its weekly magazine, The Big Issue, commonly sold on the street by volunteer vendors. The company also runs a recruitment service, an ethical shop, a policy group, and a sustainable investment business.
The Big Issue Group has several international editions – including in Australia – but this incident only appears to impact the UK operation.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.