Salvation Army refers itself to regulators following cyber security ‘incident’

The Salvation Army has alerted the Information Commissioner’s Office (ICO) and the Charity Commission as it investigates a cyber security incident.

A spokesperson for the charity confirmed that “we are investigating an IT incident affecting a number of our corporate IT systems. We have informed the Charity Commission and the Information Commissioner's Office, are also in dialogue with our key partners and staff and are working to notify any other relevant third parties”

The charity has not given any further details about the incident but has offered an assurance that its support services for beneficiaries have not been affected.

The spokesperson added: “We can also confirm that our services for the vulnerable people who depend on us are not impacted and continue as normal.”

The ICO has also confirmed that the Salvation Army “has made us aware of an incident and we are assessing the information provided”.

“People have the right to expect that organisations will handle their personal information securely and responsibly,” added an ICO spokesperson.

“If an individual has concerns about how their data has been handled, they should raise it with the organisation first, then report them to us if they are not satisfied with the response.”

Cyber security experts have urged charities to be on their guard against breaches to their IT systems following the incident at the Salvation Army.

Sam Curry, chief security officer of Cybereason said: “The fact that the Salvation Army confirmed an incident should be wake up call to every other non-profit organisation to improve their security hygiene.

“Non-profit organisations should be off limits to these types of attacks, but threat actors are soulless, profiteers and no industry or company is safe.”

Meanwhile, comforte AG product manager Trevor Morgan said: “No cyberattack is acceptable or warranted. Yet, most of us recoil strongly when charitable people and organisations like the Salvation Army become the targets of criminals.

“Every organisation—even a non-profit—has valuable data about its employee base as well as external customers and other contacts.

“This data must be guarded not only with perimeter-focused security but also with data-centric methods that protect the data itself.”

In March it emerged that more than a quarter of charities had fallen victim to a cyber-attack over the last year.

Larger charities, which conduct more of their business online, are more likely to fall victim to cyber-criminals. Attacks were cited by 51% of high-income charities, found the Department for Digital, Culture, Media and Sport survey.

    Share Story:

Recent Stories


How to elevate your non-profit storytelling with data and performance metrics.
Sage Intacct the non-profit financial management platform, takes a look at giving trends and insights.

What has the pandemic taught us about the public’s perception of charities?
In this episode of the Charity Times Leadership podcast, we take a look at what the pandemic has taught us about the public’s perception of charities. Charity fundraising platform, Enthuse, recently released its quarterly donor research study, which highlighted significant shifts in donor behaviour throughout the duration of the pandemic. Not only does the report highlight an overarching sense of positivity towards the sector, but a propensity for younger generations to give more generously, too. Lauren Weymouth is joined by Enthuse CEO, Chester Mojay-Sinclare to discuss more.

The importance of the ‘S’ in ‘ESG’
In this episode, Lauren Weymouth is joined by Ketan Patel, equities fund manager at EdenTree, to delve into the issue of social investment and why that all-important ‘S’ in ESG is more relevant now than ever before. The social element of ESG often gets forgotten when thinking about investing in more ethical and sustainable ways. But, after a challenging year for all areas of society, social injustice has been highlighted, and there’s a much greater need for charities to put people at the heart of their investment decisions.