• Personal information hacked and leaked to the dark web
• Major breach affects more than 70 Australian charities
• Public urged to be on high alert for uninvited calls, texts and emails

Western Australians who have made financial donations to charities in the last 10 years or more are being urged to beware of scams following reports of a major data breach of a telemarketing company holding donor information from Australian charity organisations.

Consumer Protection has warned the public to be extra suspicious of uninvited or surprise calls, text message or emails in the coming weeks. Assume any uninvited communications you receive may be from a scammer.

“If you get a call from someone posing as a credible organisation, hang up and contact that organisation by their published telephone number to confirm any issues,” Commissioner for Consumer Protection Trish Blake warned.

“We understand this may be a concerning situation for the kind-hearted people who donate to charities, so now is the time to be extra vigilant,” Ms Blake said.

The warning follows reports of a data breach of a third-party telemarketing firm that has helped raise funds for more than 70 Australian based charities, including The Cancer Council, Fred Hollows Foundation and Canteen. The information of thousands of donors is believed to have been compromised.

Ms Blake said scammers may use leaked information to trick people into handing out further personal and financial information.

“The information reportedly released by hackers on the dark web is understood to include full names, date of birth, addresses, email addresses and phone numbers, which are highly sought after by scammers,” she said.

“Don’t click on links in emails and text messages, and just say no if anyone contacts you seeking access to your computer as legitimate organisations do not do this.

“Scammers use personal details to contact you pretending to be from a government agency, your bank or telecommunications provider, and claim to know information like your date of birth in order to gain your trust.

“To be extra cautious, we recommend changing the passwords on your email accounts and enable multi-factor authentication where this is available.”

Ms Blake also recommended asking questions when approached to make charitable donations.

“For those wonderful people who donate to charities, we always recommend dealing directly with the licensed charities themselves,” she said. 

“Should you be contacted electronically or via telephone, it is a good idea to find out if you are dealing directly with the charity or through a third-party collector who receives a fee for every donation they secure.

“This will allow you to make an informed decision on what fees are being taken from your donation and who you are giving your personal financial data to. 

“Dealing directly with your chosen charity means they may receive your donation in full and won’t expose your personal or financial details to an additional source.”

If you are the target or victim of a scam or believe your accounts have been compromised, lodge an online report via the Australian Cyber Security Centre (ACSC).

If you think you might be affected by this data breach and you are seeking practical guidance on protecting your identity, contact IDCARE, a national identity and cyber support service on 1800 595 160.

<ENDS>

Media Contact: Jasmine Sidhu, (08) 6552 9233 / 0429 078 791 / jasmine.sidhu@dmirs.wa.gov.au