mood
Posted February 4, 2021

Oxfam Australia investigates data breach after database sold online

Oxfam Australia is investigating a suspected data breach after a threat actor claimed to be selling a database belonging to them on a hacker forum.

Oxfam Australia is a charity focused on alleviating poverty within the indigenous Australian people and people from Africa, Asia, and the Middle East. The charity is part of a confederation of twenty charities worldwide operating under the Oxfam umbrella.

Last week, BleepingComputer learned of a threat actor claiming to be selling a database containing the Oxfam Australia contact and donor information for 1.7 million people.

[Image: Threat actor selling Oxfam database]

The database samples seen by BleepingComputer included names, email addresses, addresses, phone numbers, and donation amounts.

[Image: Sample of Oxfam Australia data]

BleepingComputer has confirmed that one of the records contains legitimate data for a donor from sample data shared by the threat actor.

When BleepingComputer learned about this sale, we contacted Oxfam Australia, who immediately stated that they were investigating the situation.

Oxfam Australia discloses a suspected data breach

Today, Oxfam Australia told BleepingComputer that they continue to investigate the breach and reported it to the Australian Cyber Security Centre (ACSC) and the Office of the Australian Information Commissioner (OAIC).

"Late last week, Oxfam Australia was alerted to a suspected data incident. Oxfam immediately launched an investigation and engaged market leading experts to assist in identifying whether data may have been accessed and any impact on its supporters."

"Chief Executive Lyn Morgain said Oxfam Australia had reported the matter to the Australian Cyber Security Centre (ACSC) and the Office of the Australian Information Commissioner (OAIC) while continuing to investigate the suspected incident," disclosed their suspected data incident notification.

Oxfam Australia has told BleepingComputer that it is unknown what data was potentially accessed and how many people were affected. The charity is investigating the incident and will update its security advisory as more information is known.

What should Oxfam Australia donors do?

While the cyberattack has not been officially confirmed, based on the threat actor's information, it is likely that a data breach occurred.

With this in mind, all donors and registered members should change their password on the Oxfam Australia site. If you use that same password on other sites, you should change it there as well.

Threat actors can also use the alleged data in this database to perform targeted phishing attacks. All donors should be on the lookout for phishing attacks claiming to be from Oxfam and asking for further personal information.

Source: Oxfam Australia investigates data breach after database sold online

mood (Author)
Posted March 2, 2021

Oxfam Australia confirms data breach after stolen info sold online

Oxfam Australia has confirmed a data breach after suffering a cyberattack and having their donor databases put up for sale on a hacker forum in January.

Oxfam Australia is a charity focused on alleviating poverty in Africa, Asia, and the Middle East. The charity is part of a confederation of twenty individual charities operating under the Oxfam name.

Last month, BleepingComputer was the first to report that a threat actor was selling a stolen Oxfam Australia database containing 1.7 million user records. These records included names, email addresses, addresses, phone numbers, and donation amounts.

From the database samples shared by the threat actor, BleepingComputer was able to confirm that at least one of the records contained accurate information.

[Image: Threat actor selling Oxfam Australia database]

After contacting Oxfam Australia about the sale, the charity told BleepingComputer that they had begun an investigation into the attack.

Today, Oxfam Australia has confirmed that they suffered a data breach that has exposed donor information.

"Following an independent IT forensic investigation, Oxfam Australia announced today that it has found supporters’ information on one of its databases was unlawfully accessed by an external party on 20 January 2021."

"The database includes information about supporters who may have signed a petition, taken part in a campaign or made donations or purchases through our former shops."

"While the investigation found that no passwords were compromised, the database unlawfully accessed by the external party for the majority of supporters included names, addresses, dates of birth, emails, phone numbers, gender and in some cases, donation history. For a limited group of supporters, the database contained additional information, and Oxfam is contacting these supporters directly to inform them of the specific types of information relevant to them," Oxfam Australia disclosed today.

Oxfam Australia states that for a small subset of donors, the threat actor may have had access to bank names, account numbers, and partial credit card numbers.

It is not known if any threat actors purchased the stolen data after it was marketed on hacker forums.

What should Oxfam Australia donors do?

When we first reported on the breach, we advised Oxfam Australia donors to change their password on the site and other sites that utilize the same password.

While Oxfam Australia states that no passwords have been changed, we still advise that you secure your accounts to be safe due to the amount of data stolen by the threat actor.

As threat actors commonly use stolen data to harvest further sensitive information, Oxfam Australia donors should be on the lookout for targeted phishing emails, SMS texts, and phone calls pretending to be from Oxfam.

Source: Oxfam Australia confirms data breach after stolen info sold online