Suspected State Actor Hacked the Church of Jesus Christ of Latter-day Saints

An unnamed state-sponsored actor breached the cybersecurity of the Church of Jesus Christ of Latter-day Saints in March 2022 and stole personal information, including names, addresses and more.

Churches maintain their own network infrastructure and computer systems where they keep the personal information of their followers. In some respects, it’s a lot like a hospital. And these types of organizations are often in the sights of hackers and other interested parties.

The Church of Jesus Christ of Latter-day Saints revealed that unknown attackers compromised their systems in March 2022, stealing valuable private information on church members. They immediately notified the FBI and were instructed to keep the intrusion confidential for the duration of the investigation because they suspected the involvement of a state actor.

“This instruction was lifted on October 12, 2022, and we notified affected individuals,” the Church explained. “U.S federal law enforcement authorities suspect that this intrusion was part of a pattern of state-sponsored cyberattacks aimed at organizations and governments around the world that are not intended to cause harm to individuals.”

The Church also made a point of explaining that financial information remained safe

“The breached systems contain personal data, including basic contact information, of members of The Church of Jesus Christ of Latter-day Saints,” the Church added. “The data accessed may include, if you provided it, your username, membership record number, full name, gender, email address(es), birthdate, mailing address, phone number(s), and preferred language. The affected data did not include donation history, or any banking information associated with online donations.”

The Church of Jesus Christ of Latter-day Saints already informed everybody caught in the breach and advised them to change their passwords and watch out for suspicious activity regarding their online accounts.

Affected people could use the services of Bitdefender Digital Identity Protection, which continuously monitors personal information, alerting users in real time to data breaches and leaks. This lets them immediately change their passwords and secure their accounts to prevent financial loss or even social media impersonation, which can ruin reputations.