SALT LAKE CITY, Utah (ABC4) – In the Church of Jesus Christ of Latter-day Saints some of its computer systems were breached in late March, resulting in unauthorized access to the personal data of members of the Church.
According to the LDS Church, personal data accessed in the breach may include information used in Church accounts created online.
The Church says donation history and banking information associated with online donations were not affected, however, basic contact information such as full name, gender, email address(es), birthdate, mailing address, phone number(s), membership record number, and usernames may have been affected.
“We take protecting the personal data entrusted to us seriously and are taking every action to keep your information safe,” Church officials said in a statement. “We have been working with external forensic experts, U.S. federal law enforcement, and other cybersecurity professionals to investigate the incident and further enhance the security of Church systems.”
The Church says the breach happened on March 23, 2022, and federal law enforcement authorities were immediately notified. As part of the investigation, the Church was instructed to keep the breach confidential.
At the conclusion of the investigation, the Church has begun notifying affected individuals by email. It is believed the breach is part of a “pattern of state-sponsored cyberattacks aimed at organizations and governments around the world that are not intended to cause harm to individuals.”
The LDS Church says they have no indication any personal data has been misused or published, but that members “remain vigilant” about the security of personal data.
Those concerned about their own cybersecurity are recommended to frequently change passwords and use strong and different passwords for every account. If anyone notices any suspicious activity including fraudulent activity, scams, or identity theft, they should immediately report it to law enforcement authorities.