A data breach at the International Mission Board (IMB) may have exposed personal information of current and former employees, volunteers and applicants.
The IMB began a “comprehensive response” immediately upon discovering the cyber security incident on April 11 and promptly notified law enforcement officials, according to a statement released to Baptist Press on July 16.
IMB officials learned what information had been breached in early June but the letters sent to those affected were not sent out until July 6. That’s the day the North Carolina Biblical Recorder learned of the letter, contacted the IMB and released the first public information on the breach.
The Alabama Baptist reported the story that same day on its website.
The breach involved an “unknown external actor” gaining access to personnel records that contained names, addresses, birth dates, contact information, Social Security numbers and limited health information.
Rick Lance, executive director of the Alabama Baptist State Board of Missions, sent an e-mail to Alabama Baptist leaders on July 26 to make sure potential victims knew of the data breach and options for action.
In the e-mail, Lance said “many who have served during the past several years on IMB-related trips … should take note of information in the correspondence they receive from IMB.” Current and former IMB employees and job applicants should also take note, he wrote.
The IMB has offered one year of free identity theft protection services from MyIDCare to those whose information has been identified as part of the data breach but the deadline for enrollment is Oct. 5.
The IMB said investigations by law enforcement and independent digital forensic experts are ongoing. (TAB)