Sign in Subscribe
Cybersecurity

Hackers Hijack the Salvation Army

Hackers say they’ve breached the Salvation Army. Chaos Group threatens to leak sensitive data. Here’s what nonprofits can learn from the latest ransomware attack.

Janeel Abrahams

Janeel Abrahams

2 min read
Managed Nerds has the best Small Business Cybersecurity Tips and Solutions to keep you protected

In a shocking twist to the cybercrime saga of 2025, hackers have allegedly targeted the Salvation Army, one of the world’s largest and most respected charities. The group behind the attack? The Chaos ransomware gang—a name fitting for the digital storm they just unleashed.

On March 28, 2025, a dark web post surfaced from the Chaos group, claiming they’ve compromised the organization’s systems and are in possession of sensitive data. They’ve threatened to release that information publicly unless their demands are met.

The Salvation Army has not yet confirmed the details, but the FBI and cybersecurity experts are watching closely.

Who Is the Chaos Group?

Chaos isn't new to the cyber scene. Since 2021, this ransomware-as-a-service (RaaS) operation has wreaked havoc on organizations around the world.

What makes them different?

  • Early versions of Chaos ransomware destroyed data beyond recovery
  • Today, they’ve “evolved,” offering data encryption for ransom—and sometimes still destroy the files anyway
  • Their unpredictability and ability to leak stolen data make them one of the most dangerous groups in circulation

Why This Attack Matters

The Salvation Army isn’t just any organization. It operates in 134 countries, serves millions of vulnerable people, and reported $4.78 billion in revenue in 2024—ranking it among the top charities in the U.S.

Nonprofits like this often don’t have the same cybersecurity resources as private businesses. And that’s exactly why hackers are zeroing in.

If it can happen to them—it can happen to any nonprofit, law firm, or small business handling sensitive personal data.

What You Can Do Right Now

For nonprofits, churches, schools, or small businesses, this attack is a red flag waving at full speed.

Here are 5 smart steps to stay protected:

  1. Train your staff – Most attacks start with a fake email or phone call
  2. Back up your data – And store it offline, not just in the cloud
  3. Update your systems – Old software is full of cracks hackers love
  4. Use access controls – Not everyone needs access to everything
  5. Create a cyber incident plan – So you're not scrambling when things go sideways

Want Real Protection Without the Big Budget?

At Managed Nerds, we help small organizations—including nonprofits and solo businesses—build real cybersecurity plans without breaking the bank.

We offer:

  • AI-enhanced threat monitoring
  • Staff training (no jargon, just practical steps)
  • Backup strategies that actually work
  • Affordable software packages that protect like the big guys

Whether you’re running a local nonprofit or a lean legal practice, we’ve got your back.

Don’t wait for a ransom note. Visit Managed Nerds and let’s lock your systems down before Chaos comes knocking.

Written: 05/28/205

Read more