Oxfam Australia confirms 'supporter' data accessed in cyber attack

Oxfam Australia Confirms ‘Supporter’ Data Accessed in Cyberattack

Oxfam Australia, an Australian, not-for-profit aid and development organization, has confirmed that its supporter information had been accessed by suspected cybercriminals.

They have been investigating the incident since February after a database belonging to it was leaked online in a “data incident.”

At the time, experts believed Oxfam Australia’s database contained personal information for about 1.7 million Oxfam Australia supporters, though the company did not confirm this.

The charity issued an update on Monday saying their supporter’s information was accessed by an external party on 20 January 2021.

“We contacted all our supporters early last month to alert them to a suspected incident, which has now been confirmed,” Oxfam Australia CEO Lyn Morgain said.

The compromised database includes information about supporters who may have taken part in a campaignб signed a petition, made donations, or made purchases through the company’s brick-and-mortar stores. Information could have names, postal addresses, email addresses, dates of birth, phone numbers, and genders of Oxfam Australia’s supporters.

Oxfam said in some instances, the databases also contained donation histories and for a limited group of supporters, additional forms of information. The charity didn’t confirm what that other information was. But the charity also revealed:

“There was a small group of supporters who may have had their bank name, account number and BSB accessed or part of their credit and debit card details accessed.”

They promised to contact these supporters directly:

“We are contacting this group of supporters to provide advice on the particular steps that they can take to protect their information and avoid scams.”

Having alerted its supporters to the incident last month, Oxfam works with the local Office of the Australian Information Commissioner and Australian Cyber Security Centre.

Lyn Morgain said they would continue to communicate openly with their supporters while complying with regulatory requirements.

She emphasized that the privacy and protection of their supporters will remain their paramount concern during this process of a thorough investigation.

“Oxfam supporters are at the heart of our organization and their confidence is critical to our ongoing work in tackling the inequality that causes poverty around the world,” she said.

The organization sincerely regrets this incident took place.

About the author

CIM Team

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.