The Australian arm of charity Oxfam is investigating a potential data breach.
The probe is in response to a hacker claiming to be selling an Oxfam Australia database containing the names, email addresses, addresses, phone numbers and donation amounts of 1.7m people, information security news publication Bleeping Computer reported.
Those claims have yet to be verified says Oxfam Australia. It is, however, taken the matter seriously and is working with relevant authorities and experts to determine the facts and respond appropriately.
“This is a complex issue and inquiries are in their early stages,” said CEO Lyn Morgain. “We have also taken immediate steps to further secure our environment and leading IT forensic experts have been engaged to conduct an investigation.
“Oxfam Australia’s priorities are confirming the type of data that may have been accessed and whether or not there are any impacted individuals. We assure our valued supporters that we are treating the matter with the utmost seriousness.”
The charity pledged to provide updates as it learns more.
The organisation added: “As the investigation is still in progress, we are unable at this stage to confirm if any supporters have been affected. Oxfam Australia’s priorities are confirming whether data may have been accessed and any impact on its supporters.”
It is emailing supporters, and phoning or emailing other stakeholders about the incident.
It has reported the matter to the Australian Cyber Security Centre (ACSC) and Office of the Australian Information Commissioner (OAIC).