Security News > 2021 > March > Oxfam Australia confirms data breach after stolen info sold online
Oxfam Australia has confirmed a data breach after suffering a cyberattack and their donor databases put up for sale on a hacker forum in January.
Last month, BleepingComputer was the first to report that a threat actor was selling a stolen Oxfam Australia database containing 1.7 million user records.
Today, Oxfam Australia has confirmed that they suffered a data breach that has exposed donor information.
"While the investigation found that no passwords were compromised, the database unlawfully accessed by the external party for the majority of supporters included names, addresses, dates of birth, emails, phone numbers, gender and in some cases, donation history. For a limited group of supporters, the database contained additional information, and Oxfam is contacting these supporters directly to inform them of the specific types of information relevant to them," Oxfam Australia disclosed today.
While Oxfam Australia states that no passwords have been changed, we still advise that you secure your accounts to be safe due to the amount of data stolen by the threat actor.
As threat actors commonly use stolen data to harvest further sensitive information, Oxfam Australia donors should be on the lookout for targeted phishing emails, SMS texts, and phone calls pretending to be from Oxfam.
News URL
Related news
- Dutch Police: ‘State actor’ likely behind recent data breach (source)
- Comcast and Truist Bank customers caught up in FBCS data breach (source)
- Internet Archive hacked, data breach impacts 31 million users (source)
- Internet Archive data breach, defacement, and DDoS: Users’ data compromised (source)
- Fidelity Investments says data breach affects over 77,000 people (source)
- Fidelity Data Breach Exposes Data of Over 77,000 Customers (source)
- Pokemon dev Game Freak confirms breach after stolen data leaks online (source)
- USDoD hacker behind National Public Data breach arrested in Brazil (source)
- Tech giant Nidec confirms data breach following ransomware attack (source)
- Insurance admin Landmark says data breach impacts 800,000 people (source)