Hackers have stolen data from a Salford-based social housing group which has thousands of tenants and other clients.
ForHousing and Liberty, which manage and maintain homes in the North West and serve clients across the country, were victims of the ransomware attack.
The organisations are both part of the ForViva group which is based in Eccles.
The group confirmed that no tenant or staff data from ForHousing's systems were accessed, but 'a small amount' of data from Liberty was compromised.
Liberty, which is based in Liverpool, providers property services for housing associations, local authorities and private companies throughout the country.
Ray Jones, group managing director of Liberty, said investigations into the cyber security incident which occurred last month have now been completed.
He said: "We can confirm that a small amount of data was compromised during the incident.
"We have liaised with the relevant authorities, and are currently working closely with any of our partners who have been affected to allow them to be extra vigilant."
Group chief executive Colette McKune MBE said ForViva first became aware of hackers attempting to gain unauthorised access to its systems on July 26.
ForHousing's systems were taken offline for a short period as a 'precautionary measure', but there was 'limited impact' on services to tenants as the housing association's operations started to resume the following day, McKune said.
She said: "Tenant and staff safety is our priority and this includes the safety and integrity of their data.
"We have informed tenants about this incident and confirmed that their data is safe."
Ransomware is a type of malicious software which threatens to publish the victim's personal data or perpetually block access to it unless a ransom is paid.
Brett Callow, who is a threat analyst for anti-virus software company Emsisoft, said ransomware groups publish stolen data on 'leak sites' after their attacks.
The New Zealand-based company, which has particular expertise in ransomware, is also a partner in Europol's No More Ransom project.
Brett found data from ForViva was published on the dark web on August 1.
He said: "Since ransomware groups began exfiltrating data in late 2019, more than 2,000 organisations have had their information stolen and published on so-called ‘leak sites.’
"This represents a risk not only to the impacted organisations, but also to their customers and business partners as it’s often information relating to them that is exposed.
"And as the data can be freely downloaded by anybody who knows the URL for the leak sites, it can easily be obtained and misused by identity thieves and other cybercriminals anywhere on the planet.
"Once data has been exfiltrated, organisations are without good option.
"Organisations that pay the criminals to have them destroy the data just have to hope that they'll be good to their word – which, unsurprisingly, they’re often not.
"The bottom line is that a data breach is a data breach and organisations cannot pay to undo it."
ForViva said the relevant authorities have been alerted about the incident.
To get the latest email updates from the Manchester Evening News, click here.
