RICHMOND, Va. (BP) – A data breach occurred at the International Mission Board that may have exposed personal information of current and former employees, volunteers and applicants.
The Southern Baptist entity began a “comprehensive response” immediately upon discovering the cyber security incident and promptly notified law enforcement officials, according to a statement released to Baptist Press July 16, parallel to one released to North Carolina Baptists’ newsjournal, the Biblical Recorder, on July 12.
The IMB said it “deeply regrets any inconvenience or concern this security compromise may cause” and emphasized that newly implemented protections “will improve our ability to detect and respond to threats to our data networks.”
The IMB began contacting individuals potentially affected by the “unauthorized intrusion” on July 6, offering free enrollment in an identity protection and credit monitoring program, as well as access to a toll-free call center for inquiries and assistance.
One of the letters mailed to potentially affected individuals was obtained by the Recorder. It said the IMB “discovered unusual activity in our IT network” on April 11.
Investigations by law enforcement and independent digital forensic experts are ongoing, the IMB said. Investigators confirmed to the IMB that an “unknown external actor” gained access to personnel records that contained names, addresses, birth dates, contact information, Social Security numbers and limited health information.
The breach did not affect the IMB’s financial systems, email systems or operational records, the statement said, and that IMB officials have received no indication to date that the compromised data has been misused.