Cyber Incident Victim: Our Sunday Visitor

Our Sunday Visitor (OSV), a major Catholic resource provider, discovered suspicious activity on its network on March 8, 2023. The organization promptly secured its systems and initiated an investigation with the assistance of third-party forensic specialists. The investigation confirmed that an unknown actor had acquired certain files from OSV's network. While the specific nature of the compromised systems was not disclosed, the breach involved unauthorized access to data files that potentially contained sensitive personal information. OSV launched a comprehensive review of the affected data to determine the types of information involved and identify the individuals impacted. This review remained ongoing as of May 5, 2023, though preliminary findings indicated the files held sensitive details for an unspecified number of people. The organization stated the compromised data elements varied per individual, requiring case-by-case analysis to assess risks accurately.

In response to the breach, OSV began finalizing its data review by May 2023 and prepared to mail personalized notification letters to all potentially affected parties. These letters detailed the specific types of personal information exposed for each recipient. The company publicly confirmed it had observed no evidence of misuse of the stolen data at the time of its announcement. Internally, CEO Kyle Hamilton notified employees via email on May 3, 2023, acknowledging the incident and emphasizing the company's commitment to mitigating risks and safeguarding staff security. OSV did not disclose technical details about containment measures beyond securing its network post-discovery, nor did it specify the total number of affected individuals or the timeline for completing notifications. The organization maintained operational continuity throughout the investigation while prioritizing individual privacy concerns tied to the breach.