Children's charity The Smith Family hit by cyberattack

Organisations across Australia can't take a break from cyber criminals, with children's charity The Smith Family being the latest to fall victim to a cyberattack.

On Tuesday, November 22, The Smith Family informed its customers that an unauthorised third party seeking to steal the organisation's funds temporarily accessed a team member's email account.

“Upon discovery of this incident, we promptly acted, and the attempt was unsuccessful,” the charity said in a statement, as reported by Glam Adelaide. “We immediately took steps to secure our systems. We then commenced an investigation of the incident and engaged specialist cyber security experts to understand what happened and the impact.”

The Smith Family noted that the unauthorised third party might have accessed some of the charity's supporter data, including some personal information.

Read more: Medibank update: More data leaked to dark web

According to the charity, the cybercriminal might have accessed the following personal information:

• Name;
• Address;
• Phone number;
• Email address; and
• Donation amount.

“Please note we do not request, collect, or hold personal identity documents such as passports or drivers' licences of our supporters, as these are not required to process your much-appreciated donations. This is consistent with our commitment to protecting the privacy of our supporters,” The Smith Family said in a statement.

Although it assured customers that the data accessed cannot be used to make fraudulent purchases, the charity reminded its customers to:

• Remain alert to any suspicious email, SMS, or telephone communications disguised to look like they come from someone they know or trust;
• Verify the communication's legitimacy by authenticating the sender, including checking email names and domains;
• Do not open links that look suspicious. If the customer is unsure about a link sent by a company, they should go to the company's website and look for the product or service offered;
• Be alert to phishing scams, including those targeting customers via post or email and asking for passwords and other sensitive information;
• Consider changing email account passwords and enabling multi-factor authentication; and
• See further information about online safety, cyber security, and other helpful tips at cyber.gov.au.

Technology and cybersecurity are the top risks facing chief financial officers (CFOs) in 2022, according to Lockton's latest research.

Meanwhile, cybersecurity and biometrics firm Daltrey's latest research claimed that continued cybersecurity negligence will lead to more data breaches in 2023.

“A storm is brewing, and all Australian businesses need to heed the warnings that the last quarter of 2022 has shown and act now to close vulnerabilities,” said Daltrey founder and CEO Blair Crawford, as reported by IT Brief.