24 Aug 2023
CYBER SECURITY INCIDENT
WWF-Australia is aware of a cyber incident that has impacted one of our fundraising providers, Pareto Phone, which has resulted in the disclosure of the personal information of some of our valued supporters.
We have already begun the process of notifying all impacted supporters and we will continue to do so as our investigations continue. We acknowledge that these situations can be distressing on our generous supporters. We will be providing support through IDCARE to affected individuals to avoid further impacts (see further details below).
WWF-Australia is deeply saddened by the breach and its impact on our supporters. We take the privacy of our supporters seriously and we are committed to be open and transparent as we work through the investigation.
There has been no impact on WWF-Australia’s systems.
In August, Pareto Phone notified WWF-Australia that the data accessed in the breach had been published on the dark web and included information pertaining to WWF-Australia and some of our supporters.
We deeply regret that some of our supporters’ information has been compromised by the breach of Pareto Phone’s systems. We are working as quickly as possible to notify our valued supporters who have been affected by the recent cyber-attack on Pareto Phone as a matter of urgency.
We have paused all of our projects with Pareto Phone while we work with the company to investigate the extent of the data breach attack and ensure their systems are secure.
If you’ve been impacted, what should you do?
You may take any or all of the following steps.
- Remain alert – You should remain alert to any fraudulent or suspicious activity, particularly any scam involving anyone pretending to be from WWF-Australia.
- Contact IDCARE for support – WWF-Australia has partnered with IDCARE, Australia’s national identity and cyber support community service to support those affected by this incident. Details on how to access this service will be provided in the communication sent to supporters who have been impacted.
- Review your passwords – In addition to remaining alert to any fraudulent or suspicious activity, you may wish to review your password practice (see here for some guidance from the Australian Cyber Security Centre: https://www.cyber.gov.au/protect-yourself).
- Seek general information on cyber security – Further general information on online safety, cyber security and helpful tips to protect yourself and respond to scams, identity theft and other online risks, can be found at https://www.cyber.gov.au/threats
If you would like to contact us for further information, please contact our team via hello@wwf.org.au or on 1800 032 551.
WWF’s Privacy Policy is available here.
For Media Enquiries, please contact media@wwf.org.au