The breach is limited to a subset of donors and their sponsored children, who supported ChildFund Australia between 2014 and 2018. A number of sponsored children were also impacted.
This breach does not affect any donors who have joined ChildFund Australia after 2018.
The data obtained during the breach included contact details for our supporters during the 2014 to 2018 period; including email address, date of birth, mailing address, and information about child sponsorships with ChildFund Australia at this time. Phone numbers were not obtained.
Financial details such as bank accounts and credit card information have not been obtained. Also, as personal identity data such as passport numbers and drivers’ licenses are not collected by ChildFund Australia, this type of information was also not involved.
Our existing safeguarding procedures mean that the children involved in our sponsorship programs remain safe and no contact details of children were shared. However, it is possible that the details released in the breach could be used to make a convincing and targeted communication to you, posing as ChildFund.