RELIGION

A cyberattack breached some Latter-day Saint member data. Here’s what we know

Oct 13, 2022, 1:35 PM | Updated: Nov 21, 2022, 11:50 pm

SALT LAKE CITY – A suspected state-sponsored cyberattack on The Church of Jesus Christ of Latter-day Saints in March successfully obtained the personal data of some church members, employees and contractors, but law enforcement authorities believe the risk to individuals is low, the church said in a release Thursday.

The breach did not include banking information or donation history, the church said.

The church is notifying those affected by email ksl.com reported. It also is providing phone numbers people can call with questions about the breach. (See below.)

“We have no indication that any of your personal data has been misused or published,” according to the church release. “We recommend that you remain vigilant about the security of your personal data by monitoring your personal accounts, frequently changing passwords, selecting strong and different passwords for every account and taking action on any suspicious activity. You should promptly report to law enforcement authorities any fraudulent activity, scam or identity theft.”

The breach occurred on March 23, but federal investigators asked the church not to release information about the cyber assault while their investigation was underway. Law enforcement authorities lifted that request Wednesday, the release said.

Rod Buhler is a cyber security professor at Salt Lake Community College, he said he’s not surprised the FBI asked the Church to keep the breach confidential until now.

“After the robber takes your stuff you’d like to follow them for a little bit to figure out who they are.
And in our world that’s a little bit of time to be able to follow the pathways to where they are,” he said.

“U.S federal law enforcement authorities suspect that this intrusion was part of a pattern of state-sponsored cyberattacks aimed at organizations and governments around the world that are not intended to cause harm to individuals,” the church statement said.

Buhler said it’s a narrow list of suspects, “Russia, China, state-sponsored, you know the bad actors in the world.”

The stolen data included personal information that church members or employees provided to the church, including basic contact information such as a person’s username in the system, membership record number, full name, gender, email address, birthdate, mailing address, phone number, and preferred language, the release said.

Buhler said to be on alert for any suspicious emails or phone calls from anyone claiming association with the Church.

“They have all our information, now they’re just syncing that information up so they can figure out a way to get you. If they can call up and say they’re a member of the church maybe you’ll listen to them a little bit more, or contact you with an email that looks like it comes from the church,” he said.

He also recommended changing the password on your church account, and if it’s the same password you use for any other accounts change those too.

The church’s statement came amid frequent headlines about cyber attacks, including state-sponsored cyber assaults.

On Monday, an attacker within the Russian Federation attacked some of the largest U.S. airports, ABC News reported.

On Thursday, a cyberattack forced the closure of an Australian insurer, which took its systems offline and halted trading on its shares. Attackers breached the data of 10 million customers of an Australian bank late last month, Reuters reported.

The city of Tucson, Arizona, recently reported a May attack that compromised the information of 123,500 people. The city worked with forensic experts to investigate the incident. The city reported the attack this fall after the investigation ended, according to SecurityAffairs.co.

“We take protecting the personal data entrusted to us seriously and are taking every action to keep your information safe,” the church said. “We have been working with external forensic experts, U.S. federal law enforcement and other cybersecurity professionals to investigate the incident and further enhance the security of church systems.”

The church’s full statement follows:

Statement and FAQ on church account data incident

In late March 2022, The Church of Jesus Christ of Latter-day Saints detected unauthorized activity in certain computer systems that affected personal data of some church members, employees, contractors, and friends. The affected data did not include donation history or any banking information associated with online donations.

Since that time, we have been working with U.S. federal law enforcement authorities and third-party cybersecurity experts to establish the origin, nature, and scope of this incident and to mitigate possible impacts. Law enforcement authorities believe the risk that the information will be used to harm individuals is low and our monitoring efforts have not identified any attempts of harmful use.

At the request of these law enforcement authorities, we have not shared information about the incident as they have conducted their investigation until Oct. 12, 2022.

We are now notifying those who may have been impacted, even where this is not legally required. Anyone with questions about the security of their information can learn more by referencing the frequently asked questions below.

Protecting the confidential information of our members, employees, contractors, and friends is critical. We continue to do all we can to ensure such information is safeguarded.

FAQ

  1. What happened?

On March 23, 2022, The Church of Jesus Christ of Latter-day Saints, a Utah corporation sole (CHC) detected unauthorized access to certain computer systems. We immediately notified federal law enforcement authorities in the United States and were asked to keep the incident confidential to protect the integrity of the investigation. This instruction was lifted on Oct. 12, 2022, and we notified affected individuals. U.S federal law enforcement authorities suspect that this intrusion was part of a pattern of state-sponsored cyberattacks aimed at organizations and governments around the world that are not intended to cause harm to individuals.

  1. What personal information was affected?

The breached systems contain personal data, including basic contact information, of members of The Church of Jesus Christ of Latter-day Saints. The data accessed may include, if you provided it, your username, membership record number, full name, gender, email address(es), birthdate, mailing address, phone number(s), and preferred language. The affected data did not include donation history, or any banking information associated with online donations.

  1. Who can I talk to about this?

If you have further questions or concerns, please call:

Engagement Number: B058764

In the United States

English toll-free number: 1-833-559-0435

Spanish toll-free number: 1-833-559-0612

Monday–Friday, 7:00 a.m.–9:00 p.m. Mountain Time (MT); Saturday and Sunday, 9:00 a.m.–6:00 p.m. (MT), excluding major U.S. holidays.

Outside the United States

Outside the United States: toll +1 (346) 278-3020, Monday through Friday, 7:00 a.m.–9:00 p.m. Mountain Time (MT); Saturday and Sunday, 9:00 a.m.–6:00 p.m. MT (excluding major U.S. holidays).

United Kingdom English toll-free number: +44 (0800) 408 1788, Monday through Friday, 8:00 a.m.–6:00 p.m. (BT); Saturday and Sunday, 8:00 a.m.–5:00 p.m. (BT)

Philippines English toll-free number: +63-1800-13120083, Monday through Friday, 8:00 a.m.–6:00 p.m. (BT); Saturday and Sunday, 8:00 a.m.–5:00 p.m. (BT)

Australia English toll-free number: +61 (1800) 434165, Monday through Friday, 8:00 a.m.–6:00 p.m. (BT); Saturday and Sunday, 8:00 a.m.–5:00 p.m. (BT)

New Zealand English toll-free number: +64 800-445108, Monday through Friday, 8:00 a.m.–6:00 p.m. (BT); Saturday and Sunday, 8:00 a.m.–5:00 p.m. (BT)

Portuguese toll-free number: +55-0800-450-0035, Monday through Friday, 8:00 a.m.–6:00 p.m. (BT); Saturday and Sunday, 8:00 a.m.–5:00 p.m. (BT)

German toll-free number: +49 (0800) 673 8190, Monday through Friday, 7:00 a.m.–5:00 p.m. (BT); Saturday and Sunday, 7:00 a.m.–4:00 p.m. (BT)

French toll-free number: +33 080 510 9939, Monday through Friday, 7:00 a.m.–5:00 p.m. (BT); Saturday and Sunday, 7:00 a.m.–4:00 p.m. (BT)

  1. What is the church doing to prevent this from happening again?

We take protecting the personal data entrusted to us seriously and are taking every action to keep your information safe. We have been working with external forensic experts, U.S. federal law enforcement, and other cybersecurity professionals to investigate the incident and further enhance the security of church systems.

  1. What steps do I need to take?

We have no indication that any of your personal data has been misused or published. We recommend that you remain vigilant about the security of your personal data by monitoring your personal accounts, frequently changing passwords, selecting strong and different passwords for every account, and taking action on any suspicious activity. You should promptly report to law enforcement authorities any fraudulent activity, scam, or identity theft.

  1. Why did the church have my data?

The personal data involved was the result of the creation of an online church account or the result of employment with the church.

  1. Did you report this to a data regulator or data protection authority?

We have notified relevant data protection authorities.

  1. How can I find out if my personal data was involved?

If you did not receive a notification email, it is unlikely your personal data was involved.

  1. Why did it take so long to notify me?

The church was coordinating with law enforcement authorities and was asked to keep the incident confidential to protect the integrity of the investigation. This instruction was lifted on Oct. 12, 2022.

KSL 5 TV Live

Top Stories

Religion

(The Church of Jesus Christ of Latter-day Saints)...
Madison Swenson

First Presidency of the Church releases 2022 Christmas message

The First Presidency of The Church of Jesus Christ of Latter-day Saints has released a Christmas message.
1 day ago
Elder Rich, a missionary for The Church of Jesus Christ of Latter-day Saints, is shown check-in ins...
Madison Swenson

Church opening six new missions in 2023

The Church of Jesus Christ of Latter-day Saints announced Wednesday that they will be opening six new missions overseas in 2023.
3 days ago
(Jed Boal/KSL TV)...
Jed Boal

‘Light the World’ giving machines open at Salt Lake shopping center

The annual "Light the World" giving machines kicked off at City Creek Center in Salt Lake City Tuesday.
4 days ago
Podcast Latter Gay Stores (left) and LGBTQ group Peculiar (right). (KSL-TV)...
Mike Anderson

Utah groups hopes to bridge religious and LGBTQ communities

Local groups in Utah are working to help people in the LGBTQ community feel more welcome and more understood.
5 days ago
(Brian Champagne)...
Aimee Cobabe, KSL Newsradio & Eliza Pace, KSL TV

Historic Logan Tabernacle vandalized

Police in Logan are investigating vandalism at a historic tabernacle for the Church of Jesus Christ of Latter-day Saints. 
5 days ago
Artist's rendering of the Saratoga Springs Utah Temple. (Intellectual Reserve, Inc.)...
Madison Swenson

Open house, dedication dates for Saratoga Springs Utah Temple announced

Open house and dedication dates for the Saratoga Springs Utah Temple of The Church of Jesus Christ of Latter-day Saints have been released.
5 days ago

Sponsored Articles

house with for rent sign posted...
Chase Harrington, president and COO of Entrata

Top 5 reasons you may want to consider apartment life over owning a home

There are many benefits of renting that can be overshadowed by the allure of buying a home. Here are five reasons why renting might be right for you.
Festive kitchen in Christmas decorations. Christmas dining room....
Lighting Design

6 Holiday Decor Trends to Try in 2022

We've rounded out the top 6 holiday decor trends for 2022 so you can be ahead of the game before you start shopping. 
Happy diverse college or university students are having fun on their graduation day...
BYU MBA at the Marriott School of Business

How to choose what MBA program is right for you: Take this quiz before you apply!

Wondering what MBA program is right for you? Take this quiz before you apply to see if it will help you meet your goals.
Diverse Group of Energetic Professionals Team Meeting in Modern Office: Brainstorming IT Programmer...
Les Olson

Don’t let a ransomware attack get you down | Protect your workplace today with cyber insurance

Business owners and operators should be on guard to protect their workplace. Cyber insurance can protect you from online attacks.
Hand turning a thermostat knob to increase savings by decreasing energy consumption. Composite imag...
Lighting Design

5 Lighting Tips to Save Energy and Money in Your Home

Advances in lighting technology make it easier to use smart features to cut costs. Read for tips to save energy by using different lighting strategies in your home.
Portrait of smiling practitioner with multi-ethnic senior people...
Summit Vista

How retirement communities help with healthy aging

There are many benefits that retirement communities contribute to healthy aging. Learn more about how it can enhance your life, or the life of your loved ones.
A cyberattack breached some Latter-day Saint member data. Here’s what we know