My feed
Premium

Please
or
to access all these features

Feminism: Sex & gender discussions

Womens Aid - data breach

17 replies

perfectionistchaos · 05/08/2020 15:53

I've just had an email from Womens Aid that they have had a data breach and my name, contact information and donation history could have been accessed. Does anyone else feel that this is potentially more sinister than a "normal" hacking, especially as lots of WA donors have previously used their services (disclaimer - luckily not me)?

OP posts:
Report
ThePurported · 05/08/2020 15:56

I doubt it. Charities are targeted all the time.

Report
thinkingaboutLangCleg · 05/08/2020 16:49

Charities are targeted all the time
How horrible. Does this mean they have poor security? Is there anything they can do about this? Because it is a serious problem if people using services like Women's Aid are put at further risk.

Report
FemaleAndLearning · 05/08/2020 17:01

I got the message too. The hackers will be looking to make money or sell the list for someone to make money. I thought the email was good about warning about potential phone calls asking for increased donations and bank details. They clearly said they do not go this do that is good.

Report
ThePurported · 05/08/2020 17:05

Does this mean they have poor security?

Not necessarily. Any large organisation that holds personal data is a target.

Report
stumbledin · 05/08/2020 17:23

The email points out that it is not them who have the data breach but their provider, Blackbaud - who I think are widely used (reputable?).

It's possible that a number of other charities will have been similarly compromised. The BBC article they gave link to lists those who have been. www.bbc.co.uk/news/technology-53567699

They say it is a "ransomware attack" which is usually about extracting money to get the data back.

Not saying there are no worries, but unfortunately even though you may for instance think your home if burglar proof those intent on breaking in will always try and find a way and sometimes suceed.

Report
stumbledin · 05/08/2020 17:26

I think the email they have sent is quite well presented and informative.

But would pay attention to the point they have made just in case:

You should be wary of people claiming to represent Women’s Aid telephoning, emailing or writing to you asking for information about you, or asking to confirm your payment details. You can always confirm that a contact is genuine by writing to us at [email protected], and the appropriate team can let you know if they have genuinely been in touch.

Report
DianasLasso · 05/08/2020 17:27

My immediate thought was it was the Blackbaud hack. A whole load of universities have had their alumnae databases hacked.

Don't think it's anything especially sinister in this case.

Report
JackiFazaki · 05/08/2020 18:15

I was looking to see if there was a thread about this.

I had the email also. It's honest enough and glad that they've told me.
I'm a bit surprised that it's now August, and the breach happened some months ago.

The providers of our customer database, Blackbaud, have let us know that they discovered and stopped a ransomware attack. After discovering the attack, they successfully stopped the cybercriminal, but before they did, the cybercriminal removed a copy of our backup file containing your personal information. This occurred at some point beginning on 7 February 2020 possibly until 20 May 2020.

Report
notnowdennis · 05/08/2020 18:51

It’s Blackbaud. Affecting charities everywhere right now.

Report
DianasLasso · 05/08/2020 19:45

Yes, the slow response in informing people is going to make for some interesting GDPR cases I think.

Report
SirVixofVixHall · 05/08/2020 22:03

Very worrying.

Report
Thecazelets · 05/08/2020 22:15

I had this from WA today too. I'm not too worried in the context. I think these sorts of hacking attempts go on all the time. The email was clear that no financial details were involved.

Having said that, I also donate to BPAS. I don't think they're on the Blackbaud list but I think I would possibly be a bit more worried about someone hacking that with some sort of sinister intent.

Report
stumbledin · 06/08/2020 14:18

I wonder if the delay was because Blackbaud were negotiating with whoever hacked for ransome. There may be a whole plot line worthy of a movie.

Maybe they wait before making public until they are sure all info stolen is returned / deleted. Thought how would you ever know?

Report
MGMidget · 07/08/2020 08:22

Maybe its because of lockdown that it wasnt discovered for so long and the date it occurred could have been up to May? So many businesses and services just werent operating normally for months and home working was all a bit iffy from a security perspective and professional image with things not working as they should. Probably a great time for hackers to seize the opportunity.

Report
MGMidget · 07/08/2020 08:30

Ps with Women’s Aid I would be more concerned about the vulnerability of some people who may be living in volatile home environments and dont want their partner to know they have been in touch with Women’s Aid. Hence, the warning from Women’s Aid is important not just because of the risk of claims for money but also because some victims who have been in touch with Women’s Aid can be ready with their explanation to a partner if they get a call and not look flustered in front of their partner!

Report
WarmHeyerette · 07/08/2020 19:38

I got it too and the same from the National Trust which is less of a hotbed of subversion. Grin

Report
DidoLamenting · 07/08/2020 19:40

My university has just sent me one.

Report
Please create an account

To comment on this thread you need to create a Mumsnet account.