Talk

Advanced search

Womens Aid - data breach

(18 Posts)
perfectionistchaos Wed 05-Aug-20 15:53:15

I've just had an email from Womens Aid that they have had a data breach and my name, contact information and donation history could have been accessed. Does anyone else feel that this is potentially more sinister than a "normal" hacking, especially as lots of WA donors have previously used their services (disclaimer - luckily not me)?

OP’s posts: |
ThePurported Wed 05-Aug-20 15:56:35

I doubt it. Charities are targeted all the time.

thinkingaboutLangCleg Wed 05-Aug-20 16:49:12

Charities are targeted all the time
How horrible. Does this mean they have poor security? Is there anything they can do about this? Because it is a serious problem if people using services like Women's Aid are put at further risk.

FemaleAndLearning Wed 05-Aug-20 17:01:07

I got the message too. The hackers will be looking to make money or sell the list for someone to make money. I thought the email was good about warning about potential phone calls asking for increased donations and bank details. They clearly said they do not go this do that is good.

ThePurported Wed 05-Aug-20 17:05:44

Does this mean they have poor security?

Not necessarily. Any large organisation that holds personal data is a target.

stumbledin Wed 05-Aug-20 17:23:33

The email points out that it is not them who have the data breach but their provider, Blackbaud - who I think are widely used (reputable?).

It's possible that a number of other charities will have been similarly compromised. The BBC article they gave link to lists those who have been. www.bbc.co.uk/news/technology-53567699

They say it is a "ransomware attack" which is usually about extracting money to get the data back.

Not saying there are no worries, but unfortunately even though you may for instance think your home if burglar proof those intent on breaking in will always try and find a way and sometimes suceed.

stumbledin Wed 05-Aug-20 17:26:26

I think the email they have sent is quite well presented and informative.

But would pay attention to the point they have made just in case:

You should be wary of people claiming to represent Women’s Aid telephoning, emailing or writing to you asking for information about you, or asking to confirm your payment details. You can always confirm that a contact is genuine by writing to us at info@womensaid.org.uk, and the appropriate team can let you know if they have genuinely been in touch.

DianasLasso Wed 05-Aug-20 17:27:23

My immediate thought was it was the Blackbaud hack. A whole load of universities have had their alumnae databases hacked.

Don't think it's anything especially sinister in this case.

JackiFazaki Wed 05-Aug-20 18:15:51

I was looking to see if there was a thread about this.

I had the email also. It's honest enough and glad that they've told me.
I'm a bit surprised that it's now August, and the breach happened some months ago.

The providers of our customer database, Blackbaud, have let us know that they discovered and stopped a ransomware attack. After discovering the attack, they successfully stopped the cybercriminal, but before they did, the cybercriminal removed a copy of our backup file containing your personal information. This occurred at some point beginning on 7 February 2020 possibly until 20 May 2020.

notnowdennis Wed 05-Aug-20 18:51:49

It’s Blackbaud. Affecting charities everywhere right now.

DianasLasso Wed 05-Aug-20 19:45:34

Yes, the slow response in informing people is going to make for some interesting GDPR cases I think.

SirVixofVixHall Wed 05-Aug-20 22:03:47

Very worrying.

Thecazelets Wed 05-Aug-20 22:15:56

I had this from WA today too. I'm not too worried in the context. I think these sorts of hacking attempts go on all the time. The email was clear that no financial details were involved.

Having said that, I also donate to BPAS. I don't think they're on the Blackbaud list but I think I would possibly be a bit more worried about someone hacking that with some sort of sinister intent.

stumbledin Thu 06-Aug-20 14:18:03

I wonder if the delay was because Blackbaud were negotiating with whoever hacked for ransome. There may be a whole plot line worthy of a movie.

Maybe they wait before making public until they are sure all info stolen is returned / deleted. Thought how would you ever know?

MGMidget Fri 07-Aug-20 08:22:51

Maybe its because of lockdown that it wasnt discovered for so long and the date it occurred could have been up to May? So many businesses and services just werent operating normally for months and home working was all a bit iffy from a security perspective and professional image with things not working as they should. Probably a great time for hackers to seize the opportunity.

MGMidget Fri 07-Aug-20 08:30:41

Ps with Women’s Aid I would be more concerned about the vulnerability of some people who may be living in volatile home environments and dont want their partner to know they have been in touch with Women’s Aid. Hence, the warning from Women’s Aid is important not just because of the risk of claims for money but also because some victims who have been in touch with Women’s Aid can be ready with their explanation to a partner if they get a call and not look flustered in front of their partner!

WarmHeyerette Fri 07-Aug-20 19:38:15

I got it too and the same from the National Trust which is less of a hotbed of subversion. grin

DidoLamenting Fri 07-Aug-20 19:40:36

My university has just sent me one.

Join the discussion

To comment on this thread you need to create a Mumsnet account.

Join Mumsnet

Already have a Mumsnet account? Log in