Our Daily Bread Ministries’ E-Commerce Website Admits Breach
Table of Contents
- By Steven
- Feb 07, 2023
Scammers often target religious congregations. As a whole, people who follow monotheistic religions (religions with only one god or deity) often find themselves to be more susceptible to scams due to a highly trusting nature usually associated with monotheistic religions. People who follow polytheistic religions (religions with multiple gods) tend to be less susceptible because polytheistic religions usually have gods associated with evil and deceit. Because of this, monotheistic religious people are often perfect targets for scammers.
How Did the Attack Occur?
The attack breached Our Daily Bread Ministries’ (ODBM) e-commerce site. The breach occurred between November 18 and December 29, 2022. The ministry offered very little insight into the breach; there was only a short sentence in its notice explaining that there was a disturbance on the website. The rest of the notice explained what information the hacker accessed, how to sign up for the offered credit monitoring, and numerous apologies for the events of the breach.
What Information Was Viewed or Stolen?
The hacker managed to access some incredibly personal information, though the details they accessed were less than many other breaches. They acquired emails, shipping addresses, names, phone numbers, and credit or debit card information.
How Did ODBM Admit to the Breach?
The ministry sent notification letters to the victims and the California Attorney General’s Office. “Upon learning of an issue, we immediately commenced a prompt and thorough investigation, which included working very closely with external cybersecurity professionals experienced in handling these types of incidents,” read the notice. “On or around January 4, 2023, our extensive forensic investigation led us to believe that the website intrusion may have allowed an unauthorized third party to access and/or acquire some of your personal information.”
What Will Become of the Stolen Information?
The stolen details’ fate depends on the hacker’s interests and skill level. It’s not easy to access the dark web, but if they know how, they can sell the information on the black market. There are also a lot of things that they could do on their own without selling the information. They could very easily use the cards they accessed for their own gain, as well as stalking the victims or attempting a violent crime, as the hack involved their names and addresses. There is also a chance that they could launch phishing scams on the victims.
What Should Affected Parties Do in the Aftermath of the Breach?
After any breach concerning personal information, especially one concerning address details, anyone affected should file a police report. This is both in case of identity theft and in case of any violent crime. Victims should sign up for credit and identity monitoring if there is any chance of identity theft associated with the breach. Especially after a breach (like this one) that took so long for the investigation to finish, there is increased danger, not only for people’s bank accounts but also their credit scores.