In a major cyber attack, hackers targeted a survey company collaborating with over 40 prominent charities, including the RSPCA, Dogs Trust, and Battersea Dogs And Cats Home, resulting in the theft of personal data from hundreds of thousands of donors. The breach, which occurred on August 9 but was only recently disclosed, exposed victims’ surnames, partial home addresses, email addresses, and donation amounts.
While no financial data was compromised, concerns arise regarding potential use by scammers to send fake fundraising appeals. High-profile charity supporters, including Sir Elton John, Alan Carr, and Sir Brian May, could also be impacted.
The cyberattack targeted Surrey-based company About Loyalty, which conducts surveys for various charities. The hackers gained access to personal information via a subcontractor called Kokoro. The total number of affected individuals remains unknown but is likely to be significant. Charities such as Friends Of The Earth, Battersea Dogs And Cats Home, and the RSPCA have started notifying affected donors and taking the breach seriously.
Philip Ingram, a former British military intelligence colonel, expressed concerns about the potential for spear-phishing campaigns targeting those affected and the reputational damage to the charities involved. The Information Commissioner’s Office (ICO) is investigating the breach, with the authority to issue fines for data security failures. Kokoro stated that the incident has been contained, and there is no ongoing risk to their systems.
