St John's Ambulance the latest victim of ransomware attack

St John's Ambulance claims that it identified the ransomware outbreak quickly and dealt with it within half-an-hour

St John's Ambulance has admitted that it was struck by a ransomware attack on Tuesday this week.

The charity, which provides volunteer medical services, confessed to the compromise in a post on its website.

St John's Ambulance claims that the ransomware attack did not affect its operational systems and had been resolved within half-an-hour of the outbreak. The charity claims that no financial data - such as debit or credit card details - will have been spilled at a result.

Indeed, it claims that "the only data that has been affected relates to our training course delivery. It does not cover supplies, events, ambulance operations, volunteering, volunteer, data, employee data, clinical data or patient data".

St John Ambulance confirmed to Computing's sister website The Inquirer that no ransom was paid, adding that its "IT teams worked hard to isolate and resolve the issue as soon as we became aware of it".

The organisation's incident report adds: "You don't need to take any immediate action. However, if you work for one of our corporate customers, please pass this email on to the person in your organisation who is responsible for data protection."

It has also informed both the Information Commissioner's Office (ICO) and the Charity Commission about the breach, as well as with the police.

"We have received a report from St John's Ambulance and we will assess the information provided," an ICO spokesperson confirmed.

St John concluded: "We work as hard as we can to protect our data systems from these types of attacks and employ a range of third-party partners and cyber-crime solutions to continually update our protection.

Ransomware has proved to be a highly lucrative business for online scammers, most of whom will also enjoy a fair degree of official protection where they operate.

Last month, the gang behind the GandCrab ransomware-as-a-service announced their retirement, declaring that they had not only become extremely rich as a result, but had also been able to launder their fortunes into legitimate businesses.

However, Bitdefender claims to have developed a free tool to decrypt data encrypted and ransomed by GandCrab.