Welcome Back!

You have Gifts for Good in your basket.

Welcome Back!

Last time you were here, you were looking to help vulnerable children and families. Your support can save and change lives.

Slide Pareto Phone data breach
Frequently asked questions

On 10 August 2023 we were informed that one of our previous service providers, Pareto Phone, experienced a cyber incident that impacted ChildFund Australia and over 70 charities across Australia.

Pareto Phone is a telemarketing company that provided phone and other services to Australian charities. ChildFund Australia engaged Pareto Phone’s services between 2014 and 2018.

In April 2023, Pareto Phone experienced a cyber incident which resulted in access to their systems by an unauthorised third party. Pareto Phone investigated the incident but could not tell what data may have been accessed by that third party at that time.  Pareto Phone took steps to contain the incident and protect its systems from ongoing access.

On 8 August 2023, the unauthorised third party published (on its external dark web leak site) a listing of the data that it claimed to have obtained from Pareto Phone’s systems. On 10 August 2023 we were informed by Pareto Phone that ChildFund Australia and over 70 charities across Australia were affected by the cyber incident at Pareto Phone.

Subsequently on 14 August 2023, the unauthorised third party published the actual data on the dark web, but we understand the documents have only been accessible intermittently.

Since August, our team has been working closely with Pareto Phone and our own external cyber security advisors to conduct a further investigation into precisely what data has been impacted.

We deeply regret that some of our supporters’ information has been compromised by the breach of Pareto Phone’s systems and are notifying our valued supporters who have been affected by the recent cyber-attack.

Frequently Asked Questions

Pareto Phone are a telemarketing agency which specialises in charity fundraising.  ChildFund Australia employed their services from 2014 to 2018.

On 10 August 2023, Pareto Phone notified ChildFund Australia that data belonging to ChildFund Australia had been impacted in a cyber incident that occurred in April 2023. ChildFund Australia were not notified by Pareto Phone in April as Pareto Phone were not aware of the extent of the breach. ChildFund Australia was one of over 70 charities impacted.

Pareto Phone provides phone and other services to Australian charities. This data was supplied so that Pareto could contact prospective supporters and existing donors about fundraising campaigns.
In 2018, ChildFund Australia ended its contract with Pareto Phone.

The breach is limited to a subset of donors and their sponsored children, who supported ChildFund Australia between 2014 and 2018. A number of sponsored children were also impacted.

This breach does not affect any donors who have joined ChildFund Australia after 2018.

The data obtained during the breach included contact details for our supporters during the 2014 to 2018 period; including email address, date of birth, mailing address, and information about child sponsorships with ChildFund Australia at this time. Phone numbers were not obtained.

Financial details such as bank accounts and credit card information have not been obtained. Also, as personal identity data such as passport numbers and drivers’ licenses are not collected by ChildFund Australia, this type of information was also not involved.

Our existing safeguarding procedures mean that the children involved in our sponsorship programs remain safe and no contact details of children were shared.  However, it is possible that the details released in the breach could be used to make a convincing and targeted communication to you, posing as ChildFund.

Supporters who have been impacted by the breach are being directly notified via email.

If you have any questions, or believe you have been impacted, please contact the ChildFund Australia Supporter Relations team on 1800 023 600 or email info@childfund.org.au