I just received an email from a very large and reputable non-profit organization with a subject line that took me all of one millisecond to open.

Subject: Important Notice: Security Breach

Normally I would mentally file this away to the ‘phishing’ email scams, but since the email came from CARE I opened it immediately hoping that my donation information from the past has not been ‘breached.’

Apparently, the only information that was taken from their database on or about October 23 - November 1 was your email address and password for maintaining your account information on CARE’s system.

It was not reported how many email addresses were taken, but with an organization the size of CARE - it could be a pretty big number.

What does this mean? Well, my thoughts are that these people are going to be getting a lot of spam pretty soon. And they will need to rebuild trust with CARE as an organization that takes PRIVACY of your data seriously - until they are hacked. Remember though, it it not their fault - but that of Convio who should be doing more to protect the data of it’s customers. A larger percentage of the bigger non-profits use Convio, so the problem could be wider than anticipated. And we could see a temporary increase in spam, and a decrease in overall responses over the next few weeks. (During this important year-end giving season)

BE PROACTIVE WITH YOUR CONSTITUENTS.

Now is a good time for ANY organization, regardless of email platform to make sure the data is safe, and send out an email communication that informs users to pay careful attention to any suspicious emails that are sent during this peak online/email giving time of year. It may be wise to include alternate methods of donating if you feel that your data has or could have been compromised. Create a special toll free number that is included ONLY in your email communications.

And remember to inform your constituents that you would NEVER ask for any personal or financial information.

You may need to skip your first November email appeal in order to take a step back and do some member/donor cultivation and let them know that their donations are safe.

We know this type of activity occurs occasionally, so it’s a good practice to inform more frequently to avoid potential fraudulent activities.

Filed under: Administration, Agency, Education and Training, Email Marketing, Non-Profits, Reputation Management on Tuesday, November 6th, 2007 by Serengeti Communications |
You can follow any responses to this entry through the RSS 2.0 You can leave a response, or trackback from your own site.