Once aware of the unauthorised access to data, we understand Pareto Phone worked urgently to contain the threat and investigate. Pareto Phone also engaged external cyber security experts to assist with their response to the incident and is working with these experts to ensure the ongoing safety and security of its systems.
Pareto Phone prioritised data scans to identify whether payment card information (PCI) had been exposed. Pareto Phone notified ChildFund Australia on 11 August that no PCI information had been identified in ChildFund Australia files.
Pareto Phone reported the incident to the Australian Cyber Security Centre (ACSC) and the Office of the Australian Information Commissioner (OAIC) and has been cooperating with their investigations.
Since becoming aware of the incident, our team has worked closely with Pareto Phone and engaged our own external cyber security advisors to conduct a thorough and detailed investigation to determine what data has been impacted.
We are now notifying impacted individuals so that you can take action to reduce the potential impacts. We will work closely with our country programs to inform impacted sponsored children and their families, so they are aware of the breach and to remind them of online safety precautions. ChildFund Australia is disappointed that one of its previous partners suffered a cyber incident. We have been taking all reasonable steps to investigate the incident and protect our impacted individuals.
For more information, please contact the ChildFund Australia Supporter Relations team on 1800 023 600 or email info@childfund.org.au
