Reputations and resources are at risk.
Churches and nonprofits are increasingly targeted by hackers because these organizations typically,
- have weak cybersecurity practices
- do not have staff members competent in cybersecurity
- rely heavily on volunteers with little or no cyber awareness training who collect and process sensitive information
A church bookkeeper received a message on her screen that she had been the victim of a computer breach.As a result, she was locked out of the system. The message prompted her to call an unknown phone number to restore access to the computer. She allowed access to the hackers and immediately saw social security numbers show up on the screen. At that point, she knew something was wrong. Experts were hired to monitor the credit for those affected.
St. Ambrose Roman Catholic Church in Brunswick, Ohio was recently scammed out of $1.75 million. A phishing email led the church to believe the construction firm doing renovation work on its sanctuary made changes regarding its financial institution. An FBI investigation found that the church’s email system was hacked, and the cybercriminals were able to deceive the church leaders into believing the construction firm had changed its bank and wiring instructions.
Hackers logged into the church’s network and stole students’ personal information.They then used the information to obtain credit cards, running up high balances by claiming to be the students.
A church’s online giving system was hacked, and someone gained access to their usernames and passwords.The first day, $17,000 was taken. Each day after, approximately $3,000 more was stolen, until the thefts were discovered by the ministry. The grand total stolen was $181,709.
Churches and nonprofits collect and process sensitive information that is governed by international, federal, and state regulations
- Bank and credit card information for donations
- Driver’s license and SSN for background checks
- Birthday and health information for children and youth
- Payroll and other financial data
Third party companies are not liable for information churches and nonprofits collect/own, even if they store or manage it.
Ministry Cyber Professionals meets the need and closes the cybersecurity gap by providing professional cybersecurity services and by helping churches and nonprofits implement cybersecurity best practices.