How to protect your charity from data breaches

Data breaches can be extremely troubling events for any organisation. But as organisations that rely on public trust and donations in order to continue operating, data breaches can have an especially grave impact on charities.

As the amount of data we interact with in our day to day life has grown in recent years, so too have the risks of a data breach.

What is a data breach?

When living and working online we often need to share our details with other organisations to access their services or buy goods and products from them.

A data breach occurs when information held by an organisation is stolen or accessed without authorisation. If any organisation you have shared your details with falls victim to a data breach, the information that you have shared with them may potentially fall into the hands of scammers and cyber criminals.

Criminals can then use this information when creating phishing messages (such as emails and texts) so that they appear legitimate. The message has been designed to make it sound like you’re being individually targeted, when in reality the criminals are sending out millions of these scam messages.

These techniques are known as ‘social engineering. Fraudsters exploit well-meaning staff members using knowledge about them that they have gathered from online sources. They use this information to convince them to reveal confidential information like passwords, to make a payment to the hacker, or simply to click on an attachment that contains malware such as ransomware.

Criminals may even send messages pretending to be from an organisation that has suffered a recent data breach.

Even if your details are not stolen in the data breach, the criminals will exploit high profile breaches (whilst they are still fresh in people’s minds) to try and trick people into clicking on scam messages.