Security News > 2023 > December > Nearly a million non-profit donors' details left exposed in unsecured database

Nearly a million non-profit donors' details left exposed in unsecured database
2023-12-13 10:30

Close to a million records containing personally identifiable information belonging to donors that sent money to non-profits were found exposed in an online database.

Infosec researcher Jeremiah Fowler found 948,029 records exposed online including donor names, addresses, phone numbers, emails, payment methods, and more.

The finding illustrates the importance of keeping databases secure, and will likely raise alarm over the potential for phishing attacks against donors whose information was exposed.

"Any data incident that exposes donor information is a significant concern," argued Fowler.

"Hypothetically, criminals would have sufficient information to contact donors and pose as a charity or cause donors have previously supported and are passionate about, to initiate a fraudulent donation request."

"The database even contained donor templates that could be modified and sent to prospective donors. Criminals could potentially create similar email addresses and contact donors to update their payment information. In such situations, the criminal could then ask for credit card and banking information or additional personal data."


News URL

https://go.theregister.com/feed/www.theregister.com/2023/12/13/donorview_database_breach/