NFP sector in Canberra cyber security talks

The Fundraising Institute of Australia (FIA), Public Fundraising Regulatory Association (PFRA), Australian Council for International Development (ACFID), Infoxchange and the Community Council for Australia (CCA) this week met with staff at the Department of Home Affairs to discuss cyber safety support for charities and not-for-profits.

The meeting follows the ransomware attack on Brisbane based charity telemarketer Pareto Phone, which resulted in a massive data breach that impacted more than 70 Australian and New Zealand charities.

More than 320,000 files and the data of at least 50,000 donors were dumped on the dark web. Hackers stole the data in April, before publishing the information in August.

Among the worst hit organisations were WWF Australia, the Australian Conservation Foundation and Plan International Australia.

The incident led to a warning from authorities to the sector to be wary of relying on third party providers who have access to their data.

Days after the Pareto breach in late August, CCA CEO David Crosbie wrote to Prime Minister Anthony Albanese and the Minister for Cyber Security Clare O’Neill calling on the government to better protect charities from cyberattacks.

The letter was co-signed by the 12 member CCA board, which includes Mission Australia CEO Sharon Callister, RSPCA Australia CEO Richard Mussell and Volunteering Australia CEO Mark Pearce.

Mr Crosbie told the Community Advocate this week that organisations such as the ACFID, Infoxchange and CCA were actively advocating for the cybersecurity needs of charities and NFPs to be taken much more seriously by governments across Australia.

The meeting this week appears to be a significant step toward being taken seriously.

“There’s no doubt that some progress is being made, and senior cybersecurity officials are increasingly becoming aware that more needs to be done to ensure charities are not left on their own without the resources or support needed to ensure a higher level of prevention and preparedness,” said Mr Cosbie.

“How this plays out over the next couple of federal budgets will be the real test of government’s commitment to seriously supporting charities and NFPs in this area.”

The Canberra meeting to discuss cyber security comes as fundraising software company Blackbaud settled a charity data breach court case in the United States.

The company agreed to pay more than $77 million to settle claims brought by 49 US states flowing from a 2020 data breach that exposed the sensitive information of more than 13,000 not-for-profits.