We are writing to let you know about a data security incident that may have involved your personal information. La Leche League International (LLLI) takes the protection and proper use of your information very seriously. We are therefore contacting you to explain the incident and provide you with steps you can take to protect yourself.
LLLI, along with many non-profits, utilizes software to track our donations and contact information of Leaders, Leader Applicants, and donors. We were recently notified by this third-party service provider of a security incident. At this time, we understand they discovered and stopped a ransomware attack. After discovering the attack, the service provider’s Cyber Security team—together with independent forensics experts and law enforcement— successfully prevented the cybercriminal from blocking their system access and fully encrypting files; and ultimately expelled them from their system. Prior to locking the cybercriminal out, the cybercriminal removed a copy of our backup file containing your personal information. This occurred at some point beginning on February 7, 2020 and could have been in there intermittently until May 20, 2020. LLLI was informed of this breach on Thursday July 16, 2020 and took immediate action in contacting our advisors and legal consultation.
What Information Was Involved?
It’s important to note that the cybercriminal did not access your credit card information, bank account information, or social security number. However, it was determined that the file removed may have contained your contact information and a history of your relationship with our organization, such as donation dates and amounts.
Because protecting customers’ data is their top priority, our third-party service provider paid the cybercriminal’s demand with confirmation that the copy they removed had been destroyed. Based on the nature of the incident, their research, and third party (including law enforcement) investigation, we have no reason to believe that any data went beyond the cybercriminal, was or will be misused, or will be disseminated or otherwise made available publicly.
What Are We Doing?
We are notifying you so that you can take immediate action to protect yourself. Ensuring the safety of our constituents’ data is of the utmost importance to us. As part of their ongoing efforts to help prevent something like this from happening in the future, our third-party service provider has already implemented several changes that will protect your data from any subsequent incidents. First, the provider’s teams were able to quickly identify the vulnerability associated with this incident, including the tactics used by the cybercriminal, and took swift action to fix it.
What You Can Do
As a best practice, we recommend you remain vigilant and promptly report any suspicious activity or suspected identity theft to the proper law enforcement authorities.
For More Information
La Leche League International
110 Horizon Drive, Suite 210
Raleigh, NC 27615