Amnesty International Canada reported last week that it had been targeted by a sophisticated hacking group allegedly linked to China. The attack was first spotted on October 5, and Amnesty immediately worked with forensic investigators and cybersecurity pros from Secureworks to investigate the attack and secure its systems. The investigation found that the threat actor’s tools and techniques were consistent with Chinese advanced persistent threat groups.
Amnesty publicly disclosed the attack for visibility and to warn other human rights organizations about the threat of data breaches targeting activists, journalists, and civil society. Amnesty has found no evidence that either donor or membership data was compromised during the cyberattack.