LDS Church Hacked, Membership Records Stolen

[Sunain]

Always knew the church didn't take cybersecurity or computer technology seriously. Glad I was promoted by the spirit to not give the church my current address and gave them a spam email. Already had members abusing that information in the past. Now *some state* has a list of members of the church and a list of who probably has guns and food storage.

Cyberattack targets LDS Church, accesses info of some members and employees
Feds suspect a state-sponsored hit; Utah-based faith says personal financial data was untouched.
(Francisco Kjolseth | The Salt Lake Tribune) The Church Office Building, shown in March. The Church of Jesus Christ of Latter-day Saints reported Thursday that some of its computer systems were breached.
By Peggy Fletcher Stack | Oct. 13, 2022, 5:05 p.m.| Updated: Oct. 14, 2022, 12:47 a.m.

The Church of Jesus Christ of Latter-day Saints reported Thursday that some of its computer systems — which included personal data of some members, employees, contractors and friends — were breached on March 23.

The compromised materials “did not include donation history or any banking information,” according to a news release.

Officials at the Utah-based church, with a global membership of 16.8 million, have been working with U.S. law enforcement authorities and third-party cybersecurity experts, the release added, “to establish the origin, nature and scope of this incident and to mitigate possible impacts.”

These experts believe the risk that the information will be used to harm individuals “is low,” the church said, and they have not yet identified any attempts of harmful use.
Powered by Formstack

Federal officials suspect that this intrusion “was part of a pattern of state-sponsored cyberattacks aimed at organizations and governments around the world,” the church said, “that are not intended to harm individuals.”

The reason this is all coming to light now is because law enforcement asked the church not to share information about the breach to protect the investigation. That request was removed on Oct. 12.

The church is now notifying affected individuals, alerting them the personal data may include usernames, membership record numbers, full name, gender, email address, birthdate, mailing address, phone numbers and preferred language. It also is urging them to be vigilant in monitoring their personal accounts.

“Protecting the confidential information of our members, employees, contractors and friends is critical,” the release said. “We continue to do all we can to ensure such information is safeguarded.”

Statement and FAQ on Church Account Data Incident
In late March 2022, The Church of Jesus Christ of Latter-day Saints detected unauthorized activity in certain computer systems that affected personal data of some Church members, employees, contractors, and friends. The affected data did not include donation history or any banking information associated with online donations.

Since that time, we have been working with U.S. federal law enforcement authorities and third-party cybersecurity experts to establish the origin, nature, and scope of this incident and to mitigate possible impacts. Law enforcement authorities believe the risk that the information will be used to harm individuals is low and our monitoring efforts have not identified any attempts of harmful use.

At the request of these law enforcement authorities, we have not shared information about the incident as they have conducted their investigation until October 12, 2022.

We are now notifying those who may have been impacted, even where this is not legally required. Anyone with questions about the security of their information can learn more by referencing the frequently asked questions below.

Protecting the confidential information of our members, employees, contractors, and friends is critical. We continue to do all we can to ensure such information is safeguarded.  

FAQ

What happened?
What personal information was affected?
Who can I talk to about this?
What is the Church doing to prevent this from happening again?
What steps do I need to take?
Why did the Church have my data?
Did you report this to a data regulator or data protection authority?
How can I find out if my personal data was involved?
Why did it take so long to notify me?

1. What happened?

On March 23, 2022, The Church of Jesus Christ of Latter-day Saints, a Utah corporation sole (CHC) detected unauthorized access to certain computer systems. We immediately notified federal law enforcement authorities in the United States and were asked to keep the incident confidential to protect the integrity of the investigation. This instruction was lifted on October 12, 2022, and we notified affected individuals. U.S federal law enforcement authorities suspect that this intrusion was part of a pattern of state-sponsored cyberattacks aimed at organizations and governments around the world that are not intended to cause harm to individuals.

2. What personal information was affected?

The breached systems contain personal data, including basic contact information, of members of The Church of Jesus Christ of Latter-day Saints. The data accessed may include, if you provided it, your username, membership record number, full name, gender, email address(es), birthdate, mailing address, phone number(s), and preferred language. The affected data did not include donation history, or any banking information associated with online donations.

3. Who can I talk to about this?

If you have further questions or concerns, please call:

Engagement Number: B058764

In the United States

English toll-free number: 1-833-559-0435

Spanish toll-free number: 1-833-559-0612

Monday–Friday, 7:00 a.m.–9:00 p.m. Mountain Time (MT); Saturday and Sunday, 9:00 a.m.–6:00 p.m. (MT), excluding major U.S. holidays.

Outside the United States

Outside the United States: toll +1 (346) 278-3020, Monday through Friday, 7:00 a.m.–9:00 p.m. Mountain Time (MT); Saturday and Sunday, 9:00 a.m.–6:00 p.m. MT (excluding major U.S. holidays).

United Kingdom English toll-free number: +44 (0800) 408 1788, Monday through Friday, 8:00 a.m.–6:00 p.m. (BT); Saturday and Sunday, 8:00 a.m.–5:00 p.m. (BT)

Philippines English toll-free number: +63-1800-13120083, Monday through Friday, 8:00 a.m.–6:00 p.m. (BT); Saturday and Sunday, 8:00 a.m.–5:00 p.m. (BT)

Australia English toll-free number: +61 (1800) 434165, Monday through Friday, 8:00 a.m.–6:00 p.m. (BT); Saturday and Sunday, 8:00 a.m.–5:00 p.m. (BT)

New Zealand English toll-free number: +64 800-445108, Monday through Friday, 8:00 a.m.–6:00 p.m. (BT); Saturday and Sunday, 8:00 a.m.–5:00 p.m. (BT)

Portuguese toll-free number: +55-0800-450-0035, Monday through Friday, 8:00 a.m.–6:00 p.m. (BT); Saturday and Sunday, 8:00 a.m.–5:00 p.m. (BT)

German toll-free number: +49 (0800) 673 8190, Monday through Friday, 7:00 a.m.–5:00 p.m. (BT); Saturday and Sunday, 7:00 a.m.–4:00 p.m. (BT)

French toll-free number: +33 080 510 9939, Monday through Friday, 7:00 a.m.–5:00 p.m. (BT); Saturday and Sunday, 7:00 a.m.–4:00 p.m. (BT)

4. What is the Church doing to prevent this from happening again?

We take protecting the personal data entrusted to us seriously and are taking every action to keep your information safe. We have been working with external forensic experts, U.S. federal law enforcement, and other cybersecurity professionals to investigate the incident and further enhance the security of Church systems.

5. What steps do I need to take?

We have no indication that any of your personal data has been misused or published. We recommend that you remain vigilant about the security of your personal data by monitoring your personal accounts, frequently changing passwords, selecting strong and different passwords for every account, and taking action on any suspicious activity. You should promptly report to law enforcement authorities any fraudulent activity, scam, or identity theft.

6. Why did the Church have my data?

The personal data involved was the result of the creation of an online Church account or the result of employment with the Church.

7. Did you report this to a data regulator or data protection authority?

We have notified relevant data protection authorities.

8. How can I find out if my personal data was involved?

If you did not receive a notification email, it is unlikely your personal data was involved.

9. Why did it take so long to notify me?

The Church was coordinating with law enforcement authorities and was asked to keep the incident confidential to protect the integrity of the investigation. This instruction was lifted on October 12, 2022.

[Reluctant Watchman]

And why were they asked to wait 6 months before telling anyone?

[tribrac]

Very noble of them to be concerned for their friends in law enforcement and wait 6 months to warn me I should be vigilant watching my accounts.

[JK4Woods]

… “Some Members Information was Accessed…”

Like 20 …?? Or like Ten million…??

Spokesman being disingenuous as usual…

[tribrac]

I know....why does everything that come out of CHQ have to sound so robotic plastic fake?

It's creepy that the women look & act like Stepford Wives and the men are in a trance.

[Lizzy60]

I know....why does everything that come out of CHQ have to sound so robotic plastic fake?

It's creepy that the women look & act like Stepford Wives and the men are in a trance.

I used to wonder why a particular woman in my ward always looked like she was auditioning for a general presidency job — — and it was the perfect hair, perfect suit, and the cadence of her speaking voice when at the pulpit. Very Stepford wife/general women’s leader attitude.

She won’t read this, she has gone to be with Jesus.

[inho]

And why were they asked to wait 6 months before telling anyone?

I was wondering the same. I am not blaming the church for this, but why did the law enforcement ask them to do that? I thought the first thing to do in breaches like this is to notify the people affected as soon as possible.

By the way, my sister received an email from the church that her information was stolen. I didn’t. We might have been in different wards at the time of the attack (I think she had already moved to my ward), but we were definitely in the same stake. And we have the same last name. So not sure how the data was organized. Maybe they just got a random dataset.

[NowWhat]

I said, "We should change our Church password." He said, "Why? Are you afraid someone might hack into your site and finish up your genealogy?"

[Bbhector]

Musta been the Russians

[Mamabear]

And why were they asked to wait 6 months before telling anyone?

At least they didn’t wait as long as they did to keep ensign peak a secret. Like 23 years or something? Oh wait I forgot it wasn’t the church that released that news it was a whistleblower. Oops. We need more of those

[oneClimbs]

Very noble of them to be concerned for their friends in law enforcement and wait 6 months to warn me I should be vigilant watching my accounts.

They informed law enforcement right away but were told to not say anything. This is possibly to not scare away the hackers because they were watching them and trying to catch them. If the church published anything it could have compromised an investigation allowing perpetrators to escape and potentially do more damage.

[tribrac]

So they waited 6 months to trap the hackers?

How many hackers did they catch then?

[LostCreekAcres]

Husband received this notice. Not happy at all. Already feeling betrayed by the church. This didn't help.

[InfoWarrior82]

All is well! Alllllllll is wellllllllllllll.

Watch, they'll blame it on Russia.

[TheDuke]

don't recall the movie very well, but what exactly was wrong with the new stepford wives?

[Niemand]

don't recall the movie very well, but what exactly was wrong with the new stepford wives?

They were a bit plastic.

[BeNotDeceived]

Musta been the Russians

Commie Bastards Rule.

[BuriedTartaria]

Not so untouchable. Downgraded from protection from all but a hallowed hand. Expect more to be stolen and leaked. The excessive temple building (there's no way all of these temples are being used anywhere close to full capacity) is a front to make it seem like it's still a growing church.

[InfoWarrior82]

I recently got a password change request email for my account. I did not request the change. This was about a month or two ago. I thought it was weird but shrugged it off and deleted it.

[Silver Pie]

I didn't see this, and started a thread. I'll post a link to this thread. No need for two of them on this topic.

[Niemand]

Not so untouchable. Downgraded from protection from all but a hallowed hand. Expect more to be stolen and leaked. The excessive temple building (there's no way all of these temples are being used anywhere close to full capacity) is a front to make it seem like it's still a growing church.

Apart from my regret that we've never managed to get a temple here in Scotland, our local one at Preston is dying and it has been sabotaged by the leadership.

Firstly, there is the fact you now have to book to use it. Great except it deters casual visitors, and ignores the fact many of its users are elderly and not tech savvy, so many don't go. They've kept this going after this Covid scare has died down.

Secondly, the FP closed the canteen. Bad idea for a variety of reasons. It was a social space for one.

Thirdly, the current temple president has banned ward visits. How crazy is that? I was discussing this with my bishop recently, he's not a fan of this policy either and we were trying to develop workarounds. Everything must be through the stake. There are more remote units than ours - up in the islands for example, and they've been banned from having branch/ward visits.

The result? The temple which serves all of Scotland and Ireland, and a huge chunk of England and Wales, is barely being attended. Oh and then there's the masks.

[BenMcCrea]

I’ve heard that details of Church members confessions and disciplinary hearings have also been hacked along with personal details like names, addresses, phone numbers, email addresses, bank details etc

[Sunain]

I’ve heard that details of Church members confessions and disciplinary hearings have also been hacked along with personal details like names, addresses, phone numbers, email addresses, bank details etc

If that's true, the church will be sued into oblivion. Information like that has data security requirements in most countries. It's already bad enough that bishopric and stake presidencies can add annotations to membership records without the consent or knowledge of the member.

[Niemand]

I’ve heard that details of Church members confessions and disciplinary hearings have also been hacked along with personal details like names, addresses, phone numbers, email addresses, bank details etc

Wouldn't surprise me. At least they don't have my bank details.

It is odd that there is someone in Russia, Nigeria or China reading about which twelve year olds masturbate or who has a coffee addiction.

[BenMcCrea]

You know it’s pretty serious when the Church have set up multiple helplines all over the world. Members could be subject to blackmail.