“We apologise for any concern or stress that this incident may have caused,” chief executive Doug Taylor said in a statement. “We’re contacting every single donor and sponsor about the incident,whether their information may have been accessed or not.”
There was no indication so far that any donor information had been misused,Taylor said. Recent cyber breaches,including the attack on Medibank, have shown early indications are often unreliable and it is not clear whether the hackers opened the sensitive files. Supporters have been told to be wary of unsolicited messages,not to click unknown links and reviewcyber.gov.au for further advice.
The card information breached is limited to the first four and last digits on some cards. Other card data was not stored by The Smith Family,it said.
Loading
The charity,which helps to educate children in need,has not yet said how many donors have been affected. The Smith Family does not know the hacker’s identity but has informed the Australian government’s Cyber Security Centre and the Office of the Australian Information Commissioner,which enforces data breach laws.
A spokesman for the information commissioner confirmed the breach had been reported.
“Under the Privacy Act,organisations have obligations to protect against unauthorised access,disclosure or loss of personal information,” the spokesman said.