Oxfam Australia investigating suspected data incident

Uncategorized article written on the 04 Feb 2021

On Wednesday 27 January 2021, Oxfam Australia was alerted to a suspected data incident. Oxfam immediately launched an investigation and engaged market leading experts to assist in identifying whether data may have been accessed and any impact on its supporters.

Chief Executive Lyn Morgain said Oxfam Australia had reported the matter to the Australian Cyber Security Centre (ACSC) and the Office of the Australian Information Commissioner (OAIC) while continuing to investigate the suspected incident.

“Oxfam Australia is committed to working with all relevant authorities and experts to determine the facts and respond appropriately,” Ms Morgain said.

“Launching the investigation and ascertaining key facts have been our priorities, but this is a complex issue and inquiries are in their early stages.

“We have also taken immediate steps to further secure our environment and leading IT forensic experts have been engaged to conduct an investigation.

“Oxfam Australia’s priorities are confirming the type of data that may have been accessed and whether or not there are any impacted individuals.

“We assure our valued supporters that we are treating the matter with the utmost seriousness.

“We are committed to communicating quickly to our supporters once the facts have been established, and we will provide updates as we learn more.

“Oxfam supporters are at the heart of our organisation and their confidence is critical to our ongoing work in tackling the inequality that causes poverty around the world.”

Supporters wanting to seek or provide more information on this matter can contact 1800 088 110.

What has happened?

Oxfam Australia was alerted to a suspected data incident on Wednesday 27 January 2021. Oxfam immediately launched an investigation and engaged IT forensic experts to assist in identifying whether data may have been accessed and any impact on our supporters. Oxfam Australia has reported the alleged incident to the Australian Cyber Security Centre (ACSC) and Office of the Australian Information Commissioner (OAIC). We are urgently investigating the suspected incident and further information will be provided as soon as it is available.

Have I been impacted?

Oxfam Australia’s priorities are confirming whether data may have been accessed and any impact on its supporters. As we learn further information and facts are established, we will continue to provide you with updates. Oxfam Australia assures you that we are treating the matter with the utmost seriousness.

How can I receive further information and updates?

As Oxfam Australia learns further information, we will provide updates on this page.

Have people who may be affected been notified?

As the investigation is still in progress, please continue to check this website for updates. If you would like to know more, please call our Supporter Services Team on 1800 088 110.

We are committed to communicating quickly to our supporters once the facts have been established.

I’ve seen a media report that says the threat actor has included donor names, email addresses, addresses, phone numbers, and donation amounts – is this true?  

There have been media reports of a threat actor claiming to have information about our supporters, however these allegations have not been verified. Our priority continues to be confirming the type of data that may have been accessed and whether any of our supporters are impacted. We remain committed to communicating quickly to our supporters once the facts have been established. As we have stated, we take any claim of this sort extremely seriously, which is why we immediately launched an investigation with forensic experts and informed the relevant authorities.

Should I take any steps to protect the information currently held in my Oxfam account?

Our investigation by IT forensics experts is ongoing, and our priorities are confirming the type of data that may have been accessed and whether any of our supporters are impacted. We encourage everyone to practice normal cyber security awareness and be careful when responding to unsolicited communications, including phone calls, SMS messages and emails, particularly when they request personal and account information or that you action a link or any attachments. You can find more advice on how to avoid scams generally at www.scamwatch.com.au. Oxfam Australia will not contact you while we are investigating this suspected data incident to ask for personal information, so please report any suspicious behaviour to us directly by contacting our team on 1800 088 110.

Has my password been compromised? Should I change my passwords?

Based on our current investigation, there is no evidence that passwords have been compromised.

Although we are still investigating who may have been impacted, we encourage everyone to practice normal cyber security awareness and be careful when responding to unsolicited communications, including phone calls, SMS messages and emails, particularly when they request personal and account information or that you action a link or any attachments. You can find more advice on how to avoid scams generally at www.scamwatch.com.au. Oxfam Australia will not contact you while we are investigating this suspected data incident to ask for personal information, so please report any suspicious behaviour to us directly by contacting our team on 1800 088 110.

Have my credit card/bank details been accessed – should I cancel my card?

Based on our current investigation, there is no evidence that credit or bank card numbers have been compromised. If you wish to be proactive about your information security, you may wish to contact your financial institution and explore with them what additional security controls may be offered.

Although we are still investigating who may have been impacted, we encourage everyone to practice normal cyber security awareness and be careful when responding to unsolicited communications, including phone calls, SMS messages and emails, particularly when they request personal and account information or that you action a link or any attachments. You can find more advice on how to avoid scams generally at www.scamwatch.com.au. Oxfam Australia will not contact you while we are investigating this suspected data incident to ask for personal information, so please report any suspicious behaviour to us directly by contacting our team on 1800 088 110.

Why did Oxfam have my details in the first place?

Oxfam has records of people who may have signed a petition or taken part in a campaign, or who have made donations or purchased through our former shops. The types of personal information that Oxfam collects, and how we collect, handle and use that information, is documented within our Privacy Policy.

Will Oxfam remove my details from its database if I request this?

We will remove your contact details from our marketing database and ensure that you no longer receive marketing materials from us. We will also remove your information from other systems where possible and where we are not required to retain that information in respect of our regulatory obligations or where the information is no longer required for the purpose for which it was collected.

When will Oxfam’s investigation be finished? When will I get more information?

Oxfam is committed to providing information quickly and will provide updates when we learn more. Upon becoming aware of the alleged data incident, Oxfam immediately launched an investigation. The investigation is ongoing and complex.

I’ve had a scam call/s or unsolicited emails etc, is this linked to the Oxfam Australia incident?

Australians are subjected to scam calls on a frequent basis using an array of data available from our social media accounts and many other places. ScamWatch.gov.au publishes information on its website about the most current scams impacting the community. If you believe that scam activity you have experienced relates to this event, please contact our supporter response team on 1800 088 110.