Cyber Incident Victim: Perspectives

In September 2014, attackers exploited a vulnerability in the Perspectives religious education website, gaining unauthorized access to a database containing eCheck payment information for transactions. The breach was not discovered until months later, prompting the organization to temporarily disable payment processing options during spring registrations, one of its busiest operational periods. Intruders additionally published hidden advertisements for abortion pills on sections of the site, though these were not visible to regular visitors. Perspectives leadership speculated these ads were placed to manipulate search engine rankings for pages controlled by the attackers, though malvertising risks could not be ruled out. The organization acknowledged employing encryption standards comparable to major financial institutions for transmitting financial data but treated all accessed information as compromised despite finding no evidence of personal data theft.

The incident prompted Perspectives to implement enhanced security protocols, including increased encryption measures beyond previous levels and regular vulnerability testing. Immediate response actions involved reconstructing the production database to restore data integrity and collaborating with law enforcement to identify the perpetrators. Affected individuals who used eCheck payments were advised to consult their financial institutions regarding potential risks. Perspectives framed its post-breach measures as long-term operational changes focused on continuous security improvements rather than temporary fixes. The organization’s National Director, James Mason, publicly detailed these steps in customer communications while emphasizing the ongoing nature of the security enhancements.