Hackers target for-profit group that helps charities

While they aren't multi-million dollar for-profits or government organizations, nonprofits aren't exempt from the dangers of hackers. In fact, not-for-profit organizations should be wary and employ online fundraising tools that feature certified payment processing along with the best in fraud protection.

Not only could hackers attack a nonprofit's system, but they can also go after any for-profit companies that the nonprofit happens to do business with. The host of not-for-profits and ministries that benefit from America's Thrift Stores are finding that out the hard way as criminals in Eastern Europe recently hacked the resale chain's computers, The Nonprofit Times reported. The Birmingham, Alabama-based for-profit business collects donated clothing, furniture and other items, then sells them and gives the proceeds to one of the many charities it supports. 

Data breach
According to the thrift store chain, hackers were able to cause a data breach by targeting the third-party software provider America's Thrift Stores was using, said Kenneth Sobaski, the company's CEO, in a press release. 

The breach exposed credit and debit card numbers along with their expiration dates, Sobaski said. However, the thrift store chain believes customer names and contact information were not comprised. 

So far, it appears the data breach affected sales made between Sept. 1 and Sept. 27 at any of the business' 18 locations. The Secret Service along with an independent service are investigating who's responsible for the hack. Meanwhile, the store found the malware that allowed the data breach and removed it from its systems.

Targeting nonprofits
Hackers target not-for-profits because nonprofits usually have a small staff with few online security tools in place that a large corporation might have. This makes a nonprofit easy prey to spread malicious code and viruses over their websites and cause a data breach to steal sensitive financial data. 

The Red Barn, an Alabama-based nonprofit that provides therapy horses to disabled children and military veterans, was recently hacked by an ISIS advocate who took over the organization's website and posted pro-Islamic State messages, Portfolio SC noted. 

"As a small nonprofit, it really is impacting us," Joy O'Neal, the nonprofit's head, told Portfolio SC. "It scares our parents, our students and our families." 

Sometimes IT has to take a hacked website down for a few days or weeks which can cost a nonprofit in the number of online donations they would've received. A system hack is not only costly in the form of lost files and comprised financial records, but also in trust, Portfolio SC noted. Regaining donor trust can be a huge undertaking especially if their credit cards were used fraudulently. A nonprofit that wants to safeguard its donors' information needs the right kind of security in place to keep hackers out and maintain the public's trust. 

Back to News