The Bible Society, a charity aimed at making the Scriptures available throughout the world, has been fined £100,000 (US$134,174) in the U.K. due to a computer security breach that allowed hackers to access records containing information about the organization's supporters.
The Information Commissioner's Office (ICO) said that hackers were able to guess the "weak password" of one of the organization's databases that contained the addresses, telephone numbers and bank details of about 417,000 backers.
According to The Telegraph, the database account, which was set up in 2009, was secured by a password that was similar to the username. The ICO said that the hackers, who carried out the cyber attack in November 2016, used "brute force" to guess the password and deployed ransomware that encrypted the organization's files on its open network.
"The Bible Society failed to protect a significant amount of personal data and exposed its supporters to possible financial or identity fraud," the ICO stated, as reported by Premier.
"Our investigation determined that it is likely that the religious belief of the 417,000 supporters could be inferred, and the distress this kind of breach can cause cannot be underestimated," it continued.
The Register reports that the hackers were able to transfer some files, but there was no permanent damage to the organization's data.
The files retrieved by the hackers reportedly included the contact information of the charity's supporters, 27,800 bank details with account numbers and 1,020 payment card details.
The ICO concluded that the charity had been targeted by the hackers in order to extract a ransom payment but added that the society had fully cooperated with the investigation and had taken steps to remedy the situation.
Most of the charity's work involves translation of the Bible, but it is also trying to find more ways to promote the Scriptures to various sectors of society.
The Bible Society reportedly received a 20 percent discount on the fine for prompt payment of the fine and it stressed that no donations were used to settle the penalty.
In a statement, the charity said that none of its backers had reported any breach on their account and "there is no evidence of any material effect on supporters."
It said that the hackers were able to carry out the cyber attack "because of a vulnerability in a single isolated account which had been overlooked" but said no other accounts had been affected by the attack.
"We remain vigilant regarding cyber security threats and have taken all possible steps to ensure that the risk of a future breach is minimised," the Bible Society added, as reported by Premier.
