Charity data breach incidents appear to be on the rise, and there are a number of reasons as to why they can be an easy target for hackers, and why they may fall foul of data laws more easily than some other organisations.
According to recent figures, there were 59 charity data breach incidents reported to the Information Commissioner’s Office (ICO) between January and March in 2018. This is a 69pc rise on the previous year’s period.
Although the figures appear to be in-line with rises seen in some other sectors, which may be due to the greater awareness of data breach laws given the new GDPR, the figures cannot be ignored.
Why might charity data breach incidents be higher?
The reason that charity data breach incidents may be higher is because they may be an easy target for cyber-attacks, in the same way that the public sector can be an easy target.
Lower funds in the public sector can mean less protection, and this can be reflective in the charity industry given their funding aims are, of course, to channel as much money as they can into the charity itself.
Funding shortages can leave any sector vulnerable to attack, and this can be reflective in the charity sector as well.
Another reason can be lack of awareness. All organisations must provide staff with data protection training, but with volunteers coming and going in charity organisations, the risks can be higher.
These are the kinds of factors that need to be looked at – and addressed – in order for any sector to properly protect themselves it’s all about identifying the potential weaknesses that can be individual to each sector.
British & Foreign Bible Society charity data breach
The recent fine over the British & Foreign Bible Society charity data breach shows that charity organisations are not except from the powers of the ICO.
They were fined £100,000.00 after cyber-hackers exploited a weakness in their systems between November and December 2016, and the personal data of some 400,00 people was exposed.
The data exposed included payment card and bank account details, leaving victims at risk of fraud and theft. The hackers were able to export data out of the compromised systems.
£100,000.00 is a big fine, but despite this case being a charity data breach, people’s data must always be kept safe and secure, no matter who you are, or what cause you represent.