The Church of Jesus Christ of Latter-day Saints released a statement on Oct. 13 about a data breach earlier this year involving the personal information of church members, employees, contractors and others affiliated with the Church.
The statement said they “detected unauthorized access to certain computer systems” on March 23 and immediately notified federal law enforcement. According to the statement, federal investigators asked the Church to keep the incident confidential to preserve the “integrity of the investigation,” but that instruction was lifted Oct. 12.
The breach involved basic contact information, membership record numbers and birthdates. Donation histories and bank information from online donations were not affected, according to the statement.
The data came from members, employees, contractors and other friends of the Church who have used personal information to create a Church account or for employment.
The Church said they are working with cybersecurity professionals and federal law enforcement to investigate the incident and prevent anything similar from happening in the future. Members were encouraged to check up on their personal data security.
“We recommend that you remain vigilant about the security of your personal data by monitoring your personal accounts, frequently changing passwords, selecting strong and different passwords for every account, and taking action on any suspicious activity,” the Church said in their statement.
There is no indication that any of the information has been used maliciously or published anywhere, according to the statement.
“Law enforcement authorities believe the risk that the information will be used to harm individuals is low and our monitoring efforts have not identified any attempts of harmful use,” the statement reads.
The statement said individuals whose data was involved will be notified.