The U.S. Fund for UNICEF recently began notifying an undisclosed number of donors that their information may have been exposed when hackers accessed the Fund's servers on or about November 4, 2013 (h/t DataBreaches.net).
When the breach was discovered on December 2, 2013, the Fund took the affected server online and began working to determine what information had been accessed. "While our investigation into this incident is ongoing, the initial results have determined that the unauthorized access was limited to one server," Fund COO and CFO Edward G. Lloyd wrote in the notification letter [PDF]. "We have taken measures to ensure this type of exposure does not occur again."
The data potentially exposed includes donors' names, telephone numbers, e-mail addresses, bank account numbers, credit card numbers, security codes and expiration dates.
"Though we are vigilant in protecting the privacy of our donors, there are clearly unscrupulous entities seeking to access our information systems," Lloyd added. "We are saddened at this occurrence, and I apologize for any inconvenience or concern that this may have caused. We hope we can enjoy your support in the future."
All those affected are being offered one year of free identity protection services from AllClear ID.