Second Harvest of the Big Bend targeted in phishing scam
TALLAHASSEE, Fla. (WCTV) - Second Harvest of the Big Bend is helping to feed million of people every year. As the need for many in the area is higher than ever, the organization fell victim to a data security breach.
Second Harvest officials say they were notified by donors last week after they noticed what appeared to be duplicated checks their accounts.
A forensic audit by their IT consulting firm identified that it was caused by a phishing email scam.
The breach is coming on the heels of the organization’s busiest year.
On Monday volunteers helped pack boxes of food for those in need.
One of those volunteers was Jim Boylan.
Boylan has been volunteering at Second Harvest since last December.
“People are in need in this community,” Boylan said. “The need of people being unemployed, not having enough money to pay rent, and this is food which is one of the very basic needs that we have.”
Last year Second Harvest provided more than 11.5 million meals.
With the pandemic not yet in the rear view mirror, the organization is expecting the need to be even greater this year.
As donations are needed more than ever, several donors were impacted by a phishing scam.
“It’s just a really unfortunate time for our entire community, and it really feels like the work that everyone is trying to do has been victimized,” said CEO Monique Van Pelt.
Through a forensic audit, the IT consulting firm identified the files and the donors that were breached. Those donors, Van Pelt says, have been contacted and are urged to contact their banking institutions.
“It was not our entire database, it was select folders with select donors in them. So for our donors, if we have a mailing address they’ve received a letter. If we have an email address we’ve sent emails, and for every donor we have a phone number for, we’re working through making phones calls to all of those donors as well,” Van Pelt said.
The organization says they regularly train all staff members on identifying phishing scams. They have also added another layer of identity security as a response to the incident.
“It wouldn’t be able to happen in this particular way again because of the two factor indication that we’ve now put on all of our staff members,” Van Pelt said.
Second Harvest says many banks are already aware of the issue, but still donors are asked to contact their banking institutions.
Blake Dowling, CEO of AEGIS, says a few tips to avoid scams like this one are to always be hypervigilant, to look twice at emails and if you have questions or concerns, you can always call or text the individual to confirm the email is real.
Copyright 2021 WCTV. All rights reserved.