Kamso Oguejiofor-Abugu
Published on: August 31, 2023 
In a significant cybersecurity incident, the personal details of over 50,000 Australian charity donors have been leaked on the dark web. The breach, which occurred in April, has been linked to third-party fundraiser Pareto Phone, a company responsible for collecting donations on behalf of numerous charities.
Several high-profile charities, including The Cancer Council, Canteen, and The Fred Hollows Foundation, have confirmed the breach of their donor data through Pareto Phone. While the exact nature of the compromised data varies, it generally includes full names, dates of birth, addresses, email addresses, and phone numbers.
The ABC reported that the breach also involved the theft of credit card data from some charities. PLAN International, a girls’ equality charity, was the first to disclose that credit card details of 8,000 supporters, dating back to 2009, had been leaked. However, they confirmed that all stolen credit card details had already expired.
Interestingly, some of the exposed data dates back up to 15 years. This revelation has raised concerns about the retention of historical data, with some charities alleging breaches of the Australian Privacy Principles regarding the destruction of old data.
Despite the magnitude of the breach, the Office of the Australian Information Commissioner (OIAC) has not initiated a formal investigation into Pareto Phone. Instead, they have stated they are “monitoring” the situation. This comes amidst revelations that the OIAC has never fined a company for a serious data breach, even after the introduction of severe penalties last November, which can go up to $50 million.
“If there’s no penalty for keeping this data and then being breached, then companies in Australia aren’t going to change that,” Cybersecurity expert Professor Nigel Phair said, emphasizing the need for the privacy commissioner to utilize their powers and enforce penalties.
Pareto Phone’s CEO, Chris Smedley, expressed regret over the breach and stated that the company is working with forensic specialists to analyze the affected files. “We have not at this stage identified any identity documents such as tax file numbers, driver licenses and passports about any donor,” Smedley said.
- SEO Powered Content & PR Distribution. Get Amplified Today.
- PlatoData.Network Vertical Generative Ai. Empower Yourself. Access Here.
- PlatoAiStream. Web3 Intelligence. Knowledge Amplified. Access Here.
- PlatoESG. Automotive / EVs, Carbon, CleanTech, Energy, Environment, Solar, Waste Management. Access Here.
- PlatoHealth. Biotech and Clinical Trials Intelligence. Access Here.
- ChartPrime. Elevate your Trading Game with ChartPrime. Access Here.
- BlockOffsets. Modernizing Environmental Offset Ownership. Access Here.
- Source: https://www.safetydetectives.com/news/major-data-breach-exposes-thousands-of-australian-charity-donors/
