Leveraging AI to Expose Cyberattacks and Disinformation Impacting Civil Society

A nonprofit organization focused on providing clean water across the APAC region suffered a significant cyberattack. The attack caused immediate disruptions to the organization’s operations, leading to delays in providing critical clean water services. Additionally, there are long-term concerns about the integrity of their data, potentially eroding donor trust and affecting future funding. This incident was a ransomware attack carried out by a cybercriminal group that operates a ransomware-as-a-service model. The attackers threatened to release sensitive information unless they were paid an extortion fee of $300,000.

A hunger relief organization based in the United States fell victim to a cyberattack that resulted in a significant financial loss. The organization was scammed out of more than $923,000, a substantial amount that could severely affect its ability to provide essential services. Beyond the financial hit, this incident threatened to undermine trust in the organization’s operations, potentially impacting future support and donations. The attackers carried out a phishing campaign by intercepting legitimate emails from a construction company and sending a fraudulent invoice in its place. The organization unknowingly paid the fake invoice, falling prey to the scam.

A nonprofit organization focused on exchanging reusable items to reduce landfill waste suffered a significant data breach. The breach affected 7 million of the nonprofit’s members, with sensitive information being sold on the dark web. The breach also reportedly included the data of the organization’s executive director. The stolen data was available on the dark web for months before discovered. The specific method used by the malicious actor to infiltrate the organization’s network remains unknown. Members have been cautioned not to interact with suspicious emails by clicking on links or downloading files.

An USA-based healthcare plan provider faced serious repercussions after a cyberattack compromised the sensitive data of millions. The breach exposed the protected health information of 3,180,537 individuals, including Social Security numbers and health records. The fallout from this exposure has resulted in multiple class action lawsuits, which could further damage the organization’s reputation and financial stability, potentially disrupting its ability to provide healthcare services. The attack was carried out by the Clop threat group, who exploited a zero-day vulnerability in the MOVEit Transfer file transfer solution. This vulnerability allowed the cybercriminals to access and steal the organization’s sensitive data.

A nonprofit organization providing medical and humanitarian aid globally faced a security breach involving one of its servers based in Spain. The breach raised concerns about unauthorized access to the organization’s data, which could potentially compromise sensitive information. The extent of the information accessed remains unclear, but the incident highlights significant risks to the organization’s data security and operational integrity. An advertisement surfaced offering access to the compromised server. A screenshot from the hacker indicated they had accessed a web panel for Citrix used by the Spanish branch of the nonprofit, which might have allowed them remote access to the organization’s data.

In August 2023, a college in North Carolina experienced a significant data breach caused by a ransomware attack, which compromised the personal information of over 52,000 individuals. The exposed data included sensitive information such as identification numbers, dates of birth, and health-related details. In response to the breach, a class-action lawsuit was filed, alleging negligence in implementing adequate data-security measures and delays in notifying affected individuals. The incident highlighted recurring concerns about the institution’s cybersecurity preparedness, as it was not the first breach of its kind.

Just before Christmas 2020, hackers began to steal from One Treasure Island, a nonprofit that is redeveloping its namesake island in San Francisco Bay as a haven for low-income and formerly homeless people. Over the next month, criminals siphoned $650,000 from the community organization.

A nonprofit organization lost control of their Instagram account, a critical platform for their online presence. The loss of access to their Instagram account threatened to undermine the organization’s credibility and disrupt their general activities. As their flagship online presence, the account’s absence threatened to damage their reputation and hinder their ability to engage with supporters and the public. The incident began with a spear phishing attack via email, which appeared to come from Instagram. Two days after the attack, cybercriminals contacted the organization via WhatsApp, claiming responsibility and demanding a ransom to restore access. The attackers had altered the account’s email address, password, and phone number, ultimately disabling it.