Scottish mental health charity SAMH targeted in cyber attack

A Scottish mental health charity says it has been the victim of a "sophisticated and criminal" cyber attack.

Police are investigating the incident which has affected emails and phone lines at SAMH, the Scottish Association for Mental Health.

Charity chief executive Billy Watson said staff were devastated by the attack.

He said they were trying to keep support services running.

"It is difficult to understand why anyone would deliberately try to disrupt the work of an organisation that is relied on by people at their most vulnerable," Mr Watson said.

"Our priority is to continue to do everything we can to deliver our vital services.

"My thanks to our staff team who, under difficult circumstances, are finding ways to keep our support services running to ensure those they support experience as little disruption as possible."

SAMH works with adults and young people across Scotland, proving mental health support in locations including primary care, schools and further education.

Police said the attack on the Glasgow-based charity happened last Thursday.

"Inquiries are at an early stage and we are providing support to those affected," a spokeswoman said.

On Friday, SAMH posted a notice on its website saying it was dealing with an incident affecting its staff's ability to receive and respond to emails.

Phone lines
It added that some of its national phone lines had also been affected.

The cyber attack was confirmed in a second post on its website on Monday.

Mr Watson said: "We are working closely with various agencies including Police Scotland - this is an active investigation.

"We will continue to take the best expert advice to assist us in effectively dealing with this situation."

The charity said local services could still be contacted by phone and added that it continued to support people across Scotland.

It comes just over a year after Scotland's environmental watchdog, Sepa, was targeted in a cyber attack on Christmas Eve 2020.

More than 4,000 digital files were stolen in the incident which a later review said displayed "significant stealth and malicious sophistication".