Save the Children suspected to be compromised by BianLian ransomware

Global non-government organization Save The Children International is believed to have been compromised in a BianLian ransomware attack after the ransomware operation claimed to have compromised the IT systems of "the world's leading nonprofit," from which it was able to exfiltrate 6.8TB of data, The Register reports. Aside from stealing more than 800GB of financial records, BianLian also touted on its website that it was able to exfiltrate international HR files and personal data, as well as medical and health information from the unnamed victim, which it said is operational across 116 countries and has $2.8 billion in revenues. Save The Children has not confirmed attack claims made by BianLian but such an attack is par for the course for the ransomware gang, according to VX-Underground. Healthcare and critical infrastructure organizations have been the key targets of BianLian since its emergence in June 2022. BianLian has also transitioned to pure extortion attacks from originally performing double-extortion intrusions.