Children’s charity The Smith Family has become the latest major Australian organization to fall victim to a cyberattack in which hackers obtained confidential information on its donors, including credit card details.
The charity confirmed on Tuesday that it discovered a data breach in October in which hackers accessed a staff member’s email and blocked an attempt to steal the charity’s funds. But after digital investigators completed their investigation last week, they found inboxes containing documents with donor names, addresses and contact information, as well as some credit card data.
“We apologize for any concern or stress this incident may have caused,” CEO Doug Taylor said in a statement. “We are contacting every donor and sponsor regarding this event, regardless of whether their information has been accessed.”
So far, there has been no indication that any donor information has been misused, Taylor said. recent cyber breaches, including the attack on Medibank, The early signs that have been shown are often unreliable, and it’s unclear whether hackers opened sensitive files.Supporters told to be wary of unsolicited messages, not to click on unknown links and view www.cyber.gov.au for further advice.
The leaked card information was limited to the first four and last digits of some cards. No other card data was stored by the Smith family, it said.
The charity, which helps needy children get an education, has not revealed how many donors have been affected. The Smith family does not know the identity of the hackers, but has notified the Australian government’s Cyber Security Center and the Australian Information Commissioner’s Office, which enforces data breach laws.
A spokesman for the Information Commissioner confirmed the breach had been reported.
“Under privacy laws, organizations have an obligation to prevent the unauthorized access, disclosure or loss of personal information,” the spokesperson said.