Cyber Incident Victim: MyCause

In June and July 2014, an international hacking operation compromised the MyCause charity website, exposing credit card details of up to 12,000 donors who contributed through the Australian fundraising platform. The attackers stole financial data during the two-month breach window and subsequently used it to conduct fraudulent transactions across multiple regions, including the United States, Europe, and the United Arab Emirates. MyCause founder Tania Burstin confirmed the breach after fraudulent activity was detected on victims' accounts, noting the website's security had met industry compliance standards prior to the incident. The attackers specifically targeted MyCause as a recognized charity platform, exploiting its public profile to access donor information. Burstin stated the organization was enhancing its anti-fraud protections in response, though no technical details about the attack vector or intrusion methods were disclosed.

The breach caused direct financial harm to donors, with at least two confirmed cases illustrating the scope of losses. Canberra resident Emma Barnes incurred a fraudulent $3,000 charge at Walmart in the United States after donating to support a friend's family affected by cancer. Melbourne donor Sergio Correa suffered over $1,500 in unauthorized charges following his contribution to fund a sports team's competition in China. Both victims expressed frustration that their charitable actions resulted in financial exploitation, with Correa indicating he would exercise greater caution with future online donations. MyCause did not disclose whether charities or fundraiser recipients experienced secondary impacts from the breach. The incident remained under investigation with no attribution to specific threat actors or details about containment measures beyond the planned security enhancements.