The Canadian branch of Amnesty International was the target of an attack it has pinned on a Chinese state-sponsored actor.
The human rights organization said it could not find evidence of donor or membership data theft, but it was speaking publicly about the attack to “caution other human rights defenders on the rising threat of digital security breaches.”
The attackers reportedly sought the organization’s contacts and details of its future plans.
The org brought on cyber security and forensic experts to investigate and protect its systems after it detected suspicious activity in its IT infrastructure in early October.
“The investigation’s preliminary results indicate that a digital security breach was perpetrated using tools and techniques associated with specific advanced persistent threat groups (APTs),” states Amnesty’s assessment of the incident. The org added that infosec vendor Secureworks determined the attack was likely conducted at the direction of Beijing, thanks to the presence of telltale tools and behaviors associated with Chinese hack gangs.