Recently, one of the Girl Scouts’ official email accounts was accessed by an “unauthorized third party” and as a result, as many as 2,800 girl scouts in Orange County, California may have had their personal information compromised.
Gaining access to the account naturally gave the hacker access to every email sent from that account that had not already been deleted. When the breach was discovered, the Girl Scouts sent an email to every potentially impacted individual.
The email reads, in part, as follows:
“Some of the emails stored in this account, which included emails with dates as far back as 2014 through October 1, 2018, contained information about our members. Out of an abundance of caution, we are notifying everyone whose information was in this email account.”
Based on the information the account contained, compromised data varied widely from one person to the next. However, the data included details like email address, home address, health history information, insurance policy numbers and driver’s license details. In short, that’s more than enough information to steal an identity.
While this breach is not noteworthy for its scope and scale, it has been attracting a great deal of attention because it targeted children and young adults. Identity data belonging to this demographic is extremely attractive to hackers because it can often be monetized for months, if not years before red flags are raised.
Last year, more than a million children in the US were impacted by identity fraud. What’s worse, according to a report published by Javelin Strategy and Research, 60 percent of child identity fraud victims know the fraudster, compared with just 7 percent of adult victims.
The investigation is still ongoing, but if you live in Orange County, California, and have a child in the Girl Scouts, be on high alert.