Suspected Chinese hackers hit Amnesty International Canada

Suspected Chinese hackers hit Amnesty International Canada

The Canadian branch of Amnesty International, an international human rights non-governmental organization (NGO), said it was a target of a sophisticated security breach in early October, which it believes to have been sponsored by China’s government.

The breach was first spotted on October 5, when suspicious activity was detected on Amnesty’s IT infrastructure. The investigation into the incident showed that the attack was likely conducted by a China-linked threat actor based on tools and techniques used by attackers.

Amnesty said that the conclusion is based “on the nature of the targeted information as well as the observed tools and behaviors, which are consistent with those associated with Chinese cyberespionage threat groups.” At present, no evidence has been found that any donor or membership data was exfiltrated.

“Appropriate law enforcement authorities as well as staff, donors, and other stakeholders have been notified of the breach,” the organization added.

In other news, the international non-governmental organization Human Rights Watch (HRW) said it discovered a cyber-espionage campaign aimed at human rights activists, journalists, researchers, academics, diplomats, and politicians working in the Middle East. The organization said that at least 20 individuals are believed to have been targeted, including a reporter for a major US newspaper, a women's rights defender based in the Gulf region, and Nicholas Noe, a Lebanon-based advocacy consultant for Refugees International.

The organization believes that the campaign is the work of an Iran-linked state-sponsored threat actor APT42, which is known to share overlaps with other Iranian hacker group APT35 (aka Charming Kitten, TA453, or Phosphorus).


Back to the list

Latest Posts

Cyber Security Week in Review: July 4, 2025

Cyber Security Week in Review: July 4, 2025

In brief: Google patches Chrome 0Day, the US is on the hunt for North Korean IT workers, and more.
4 July 2025
AI chatbots fall for phishing scams

AI chatbots fall for phishing scams

The models provided the correct URL only 66% of the time; nearly 30% of responses pointed users to dead or suspended domains.
3 July 2025
Chinese hackers exploited Ivanti flaws in attacks against French government

Chinese hackers exploited Ivanti flaws in attacks against French government

ANSSI believes that the Houken campaign is operated by ‘UNC5174’, an entity believed to act as an initial access broker for China’s Ministry of State Security.
2 July 2025