The Church of Jesus Christ of Latter-day Saints, often referred to as the LDS Church or the Mormon Church, suffered a data breach that included sensitive personal information of church members, employees, contractors and friends. Payments and other bank statements were not affected.
in Advertising (Opens in a new tab) The church said the data breach occurred in late March 2022, but as the law enforcement investigation continues, it has been asked to keep the incident confidential.
The church did not mention the name of the source of the threat behind the attack, nor did it say if there was anything Malware (Opens in a new tab) It was used, but he said US federal law enforcement suspects the break-in was “part of a pattern of state-sponsored cyber attacks targeting organizations and governments around the world” that are not intended to harm individuals.
Bank data is safe
When hackers gained access to the church’s database, they stole “essential” data, including usernames, membership record numbers, full names, gender information, email addresses, birthdays, postal addresses, phone numbers, and preferred language.
Although your donation history or banking information is not affected, it is still enough sensitive data for identity theft, phishing, and other types of fraud.
So far, the church has not seen evidence of data being used in the wild, but has urged everyone to be extra vigilant when receiving any emails, SMS or phone calls, and to be alert for potential fraud attempts.
She also added that those affected by the accident have already been contacted, and those with additional questions can contact the listed phone numbers over here (Opens in a new tab).
To keep its members, employees, contractors, and friends safe, the church has hired outside forensic experts, notified US federal law enforcement, and “other cybersecurity professionals” who investigated the incident and “further strengthened” the security of the church’s systems. It did not elaborate on what this boost meant, nor did it provide the affected individuals with identity protection services.