A recent article published by the ABC highlighted a recent cybersecurity incident that has affected several Australian charities and their donors.
What Happened?
Recently, a telemarketing company called Pareto Phone, which collected donations on behalf of various charities, fell victim to a cyberattack. As a result of this breach, thousands of donors' personal information was leaked to the dark web. The affected charities, including Cancer Council, Canteen, and The Fred Hollows Foundation, have confirmed that donor data, including names, dates of birth, addresses, email addresses, and phone numbers, has been exposed. Fortunately, no financial information was compromised in the breach.
The Impact on Charities
The Fred Hollows Foundation reported that 1,700 of its donors were affected and expressed disappointment in learning that their data was still retained by Pareto Phone, despite their last engagement with the telemarketer in 2014. Médecins Sans Frontières (MSF), another charity, also accused Pareto Phone of retaining data in violation of Australian privacy laws. Canteen stated that 2,600 of its donors from 2020 and 2021 were contacted, and they are deeply upset about the breach's impact on their supporters.
Immediate Actions for Charities
While this incident is deeply concerning, it is crucial to remember that Australian charities continue to do critical work that improves people's lives. The Department of Home Affairs emphasizes that this breach should not deter you from supporting charities.
Donors should remain vigilant about your personal information. If you have donated to any of the affected charities or have concerns about your data, consider monitoring your financial accounts and updating passwords as a precaution.
Charities should ensure they are deploying robust cybersecurity controls and seek independent advice where internal capability requires additional support. Cyclical review and audit of these controls is also important to ensure they remain fit for purpose. The above incident also highlights the need for contract management processes to include data and cybersecurity considerations.
If you have any specific concerns or questions regarding your organisation's data security, please feel free to reach out to us for guidance.
Read the original article here: Thousands of donors to Australian charities, including Cancer Council and Canteen, have data leaked to dark web - ABC News
Related article: Top 5 Internal Controls for NFP Organisations Seeking Donations and Fundraising Income