By Andy McCue, 9 December 2005 17:15
NEWS
Hackers have stolen the personal details of thousands of donors to a Christian charity website and tried to extort money from the victims.
UK charity Aid to the Church in Need admitted today that its online security systems had been breached by hackers.
The charity does not yet know how much money the criminals have stolen but the addresses of more than 2,000 online donors have been compromised and the hackers have used these details to contact the benefactors directly to try and extract more money.
Neville Kyrke-Smith, national director at Aid to the Church in Need UK, said the charity is in a "state of shock".
He said in a statement: "Apart from the obvious distress to benefactors, we're concerned that our charity identity has been stolen. However it's the beneficiaries, those who need the money the most, who will ultimately suffer. I urge all charities to regularly review their website security and make sure all software is up-to-date."
The security breach has prompted the Charity Commission to issue a warning for all charities to be on their guard against internet fraud.
Andrew Hind, CEO at the Charity Commission, said in a statement: "All charities need to regularly review website security and make sure they stay ahead of the hackers and fraudsters."
Comments
There are 2 comments. Join the discussion
1. Praval Dube
Rather than reviewing the existing websites and checking regularly for hacking, it would infact be highly beneficial if the entire security architecture of the existing websites is audited and reviewed against the latest security standards and a common set of guidelines are to be devised for the security infrastructure. This will serve as a preventive action rather than corrective.
2. Parijat Dube
The problem with builing standards is that the standards themselves can be hacked. It is always possible to find loop poles and so I think preventive measures alone like building applications compliant with standards may not suffice and reactive measures are inevitable.