Catholic Charities CYO of the Archdiocese of San Francisco has recently discovered a significant network security incident affecting its systems. Upon learning of this breach, the organization initiated a comprehensive investigation, collaborating closely with external cybersecurity professionals who specialize in such incidents. This prompt response underscores Catholic Charities’ commitment to addressing potential risks and safeguarding sensitive information.
Following an extensive forensic investigation and a manual review of the affected files, Catholic Charities confirmed on July 31, 2024, that unauthorized access or acquisition of certain personal information occurred between September 13, 2023, and September 29, 2023. The compromised data may include individuals’ full names, dates of birth, Social Security numbers, financial account information, driver’s license numbers, medical information, passport numbers, health insurance details, and email login credentials. To ensure transparency and support for those affected, Catholic Charities is sending notification letters to potentially impacted individuals, along with resources to help them protect their information.
While Catholic Charities has no evidence of data misuse resulting from this incident, the organization is taking proactive measures to assist those whose information may have been compromised. A key element of this support includes offering complimentary identity monitoring and protection services for individuals whose Social Security numbers were involved in the breach. The organization strongly recommends that affected individuals enroll in these services to enhance their protection against potential identity theft or fraud.
Catholic Charities emphasizes its unwavering commitment to maintaining the privacy and security of personal information in its possession. The organization has implemented numerous precautions to safeguard sensitive data, continually evaluating and modifying its practices and internal controls. Furthermore, it encourages impacted individuals to take necessary steps to protect their personal information, such as placing fraud alerts on credit files, obtaining free credit reports, and remaining vigilant in monitoring financial accounts for any suspicious activity.
Reference: