Children’s details hacked at donkey sanctuary
HACKERS may have seized children’s personal details after targeting the charity behind a popular Sutton Coldfield attraction.
Supporters of The Donkey Sanctuary have been told that information including names, addresses and contact details were accessed.
The breach was discovered in May, but families have only now been alerted in letters sent to parents.
The organisation runs a sanctuary in Sutton Park, which is popular with children – including those with special needs. It allows them to adopt an animal and and provides therapy for those with disabilities. The company said in the letter: “We have recently been informed that Blackbaud, the company that supplies our database software, was the victim of a cyberattack that has affected us and many other organisations. We are getting in touch to let you know that this data security incident may have involved your child or children’s personal information.”
It confirmed the details included ‘children’s names, dates of birth, address, telephone number and email address’. But it said it was only recently informed of the breach. It went on: “We take the protection and proper use of your child or children’s information very seriously. So we want to share details of the incident, let you know what we’re doing and explain any steps you may need to take.
“We have been working with Blackbaud to investigate how it happened and make sure your data remains secure in the future.
“While we believe there is no immediate risk to you, we recommend you remain vigilant and take the usual steps to guard against the possibility of identity fraud and theft.
“We are deeply sorry about this and for any worry or inconvenience it may have caused you.”
The charity did not confirm how many people had been affected. A spokesman for The Donkey Sanctuary said: “We have been informed the risk to individuals’ data is very low but we believe this incident may have unfortunately resulted in the details of some of our supporters being accessed.
“Blackbaud has informed us that all of the details accessed have been destroyed and there is currently no evidence of the data being used.”