MS Society warns website users their personal details might have been compromised

The charity has discovered malicious software on its systems, suggesting an attempt at hacking took place

Cyber attack: possibility at the MS Society
Cyber attack: possibility at the MS Society

The MS Society has written to approximately 25,000 of its website users to warn them that their personal information might have been compromised by a cyber attack.

The charity said it had discovered malicious software on its website systems that could mean it had been subject to a hacking attempt.

People who might have been affected include those who are registered with the charity’s online forum, who have contacted it through the "contact us" form on its website or have made requests for information by email or telephone.

Information that might have been accessed included names and contact details, the charity said.

The society said the potential breach was unconnected to the system that it used to process donations, so no financial information was at risk. It said it had informed the Information Commissioner’s Office and the Charity Commission.

The charity apologised and advised users to change as soon as possible their passwords for the website and any others for which they used the same passwords. But it said the password details were encrypted using a highly secure system so it was unlikely anybody would be able to access it.

Michelle Mitchell, chief executive of the MS Society, said the charity had worked as quickly as possible to identify those who might have been affected and to contact them as soon as they could.

"We are extremely shocked that we have been targeted in this way and will conduct a full investigation into what happened," she said. "This will include looking at why our existing security systems did not prevent this sophisticated, malicious attack.

"The security of the information we hold is of the utmost importance to us and we have taken immediate steps to improve our website systems. We can provide reassurance that we have since upgraded the levels of security on our website systems."

The society said it had set up a dedicated helpline to answer any queries about the potential breach. It can be reached on 0800 151 2391 or 0330 159 3820.

The line will be open between 9am and 8pm Monday to Friday and between 9am and 6pm on Saturday and Sunday.

Before commenting please read our rules for commenting on articles.

If you see a comment you find offensive, you can flag it as inappropriate. In the top right-hand corner of an individual comment, you will see 'flag as inappropriate'. Clicking this prompts us to review the comment. For further information see our rules for commenting on articles.

comments powered by Disqus