British charities warn supporters their personal data has been breached Graham Cluley

pGraham CluleyppCybersecurity keynote speaker news and opinionppppUK charities including Shelter the RSPCA the Dogs Trust Battersea Dogs and Cats Home and Friends of the Earth have warned their supporters that hackers have stolen their data following a breach at a supplierppThe charities themselves havent been hacked The problem instead lies with thirdparties working with the charities to help them conduct surveys of their supportersppAn external web server run by Kokoro a company that was working for survey firm About Loyalty suffered a security breach spilling donators surnames home addresses email addresses and information on past donationsppCharities affected including the RSPCA and Shelter have contacted their supporters via email warning them of the threat ppppFriends Of The Earth told the Daily Mail that some 93000 of its supporters had had their data breachedppKokoros privacy policy claims that the company has appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorised way and that it has procedures in place to deal with any suspected data security breachppAll fine words of course but its no guarantee of course that they wont ever suffer a hackppAnd you as a supporter of a particular charity are probably completely unware that Kokoro exists at all let alone that it has a copy of your personal informationppFortunately the charities had not shared more sensitive information such as passwords and financial details which could have potentially put supporters at even greater riskppNonetheless there remains the potential for charity supporters to be targeted by scammers who might use the stolen information to send convincinglooking emails which might ask for more sensitive information or dupe recipients into clicking on shady linksppIt would obvious be a great shame if this security breach shook anyones confidence in supporting such worthy charities who quite frankly have done nothing wrong other than work with suppliers who appear to have not secured their systems tightly enoughppThe incident has been reported to the Information Commissioners Office ICO and Charity CommissionppFound this article interesting Follow Graham Cluley on Twitter Mastodon or Threads to read more of the exclusive content we postpp
Graham Cluley is a veteran of the cybersecurity industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomons AntiVirus Toolkit for Windows Now an independent analyst he regularly makes media appearances and is an international public speaker on the topic of cybersecurity hackers and online privacy
Follow him on Twitter Mastodon Threads Bluesky or drop him an email ppYour email address will not be published Required fields are marked ppComment ppName ppEmail ppWebsite pp

ppppΔdocumentgetElementById akjs1 setAttribute value new Date getTime ppThis site uses Akismet to reduce spam Learn how your comment data is processedpp
Hire Graham Cluley to be a cybersecurity keynote speaker at your event or webinar
pp
Hosted by Graham Cluley and Carole Theriault
ppWinner Best Cybersecurity Podcast 2018 2019 2023 Most Entertaining 2022 2023pp

Latest episodepp
Subscribe

Apple Podcasts
Google Podcasts
Spotify RSS

Support the podcast
Patreon Apple Podcasts
pp
Sponsor this website to promote your product or service to thousands of readers
pp
     
        
pp
Send a tip or story idea Hire Graham Cluley to speak at your event
Sponsorship Contact About
pp ComplaintsCorrections Privacy Terms ConditionsppPowered by WordPress securely hosted by WPX
Copyright 20012023 Cluley Associates Limited All Rights Reservedp