Ransomware gang attacks the Big Issue, a street newspaper supporting the homeless

The Big Issue, a street newspaper in the United Kingdom famed for providing homeless people with a legitimate income by paying them as vendors to distribute the magazine, has confirmed being impacted by a cyber incident.

The confirmation follows the company being listed on the Qilin ransomware gang’s darknet extortion site on Sunday, alongside the claim that the gang stole 550 gigabytes of confidential data including files related to commercial and personnel operations.

In a statement sent to Recorded Future News, the company’s chief executive Paul Cheal confirmed that Big Issue Group experienced a cyber incident last week.

“On becoming aware of this, we took immediate steps to restrict access to our systems, working with external IT security experts, and the investigation into the incident is ongoing,” said Cheal.

“Thanks to the proactive steps taken, we have been able to begin restoring our systems and are operating with limited disruption. The publication and distribution of the Big Issue magazine is not impacted by this incident.”

The Big Issue describes itself as a social enterprise that supports “every vendor to run their own mini business, buying and selling the Big Issue magazine each week.” New vendors are given five free magazines, which are sold for £4, and are able to purchase additional magazines for £2.

The incident comes amid a surge in ransomware attacks targeting British companies in recent years. According to incident trends data released by the Information Commissioner's Office, ransomware attacks against British organizations have risen year-on-year since records began.

The latest incident follows a parliamentary committee recently accusing the British government of burying its head in the sand over the “large and imminent” national cyber threat posed by the criminal ecosystem. The committee particularly complained about a lack of funding for law enforcement agencies to engage in more disruption operations.

These disruption operations are having an effect. A recent takedown led by the National Crime Agency (NCA) shuttered the notorious LockBit gang, believed to have been connected to more ransomware attacks than any other criminal group.

Cheal acknowledged that “certain data related to our organisation has been posted to the dark web by the perpetrators of this incident.” The chief executive said the social company was working with an external IT expert, alongside the National Cyber Security Centre, the NCA, and the Metropolitan Police, to address the attack.

“In addition, we have notified relevant regulators and would like to thank our staff, partners, and suppliers for their patience whilst our investigation continues,” said Cheal.

Beyond the financial harm that ransomware attacks can cause to victims, research from the Royal United Services Institute has detailed the “significantly overlooked” psychological impact on staff and other people involved in responding to an incident — including leaving small business owners feeling suicidal.

“This is a criminal act against our social activities and the causes we work to promote. We exist to support those living at the sharp end of poverty, who are facing barriers to opportunity,” said Cheal.

“Critically our staff are continuing to support our vendors to earn a living by selling the Big Issue magazine, whilst also providing frontline support for vendors with access to advice and services, alongside making social impact lending available to social enterprises and other organisations we work with. Ensuring we continue to deliver against our mission to change lives through enterprise.”