CV NEWS FEED // The Catholic Diocese of Cleveland, Ohio, this week announced that a cybersecurity incident may have compromised confidential information on its data site, making Cleveland the second diocese this month to confirm a data breach.
The data breach occurred between Dec. 14 and Jan. 12, when an unauthorized party accessed an employee email account. The Diocese launched an investigation that concluded on March 14.
On April 22, the Diocese of Cleveland filed a report with the Attorney General of Montana and informed all affected persons of the data breach, according to online legal news outlet JD SUPRA.
The data breach potentially compromised any or all of the following information belonging to victims: Social Security numbers, credit card information, passport information, date of birth, taxpayer identification number, routing number, and driver’s license number, among other information.
In a statement about the data breach, the Diocese noted: “To date, we are not aware of any reports of identity fraud or improper use of any information as a direct result of this incident.”
The Diocese’s statement included information about what steps victims can take to protect their identity and accounting information.
“We are committed to maintaining the privacy of personal information in its possession and has taken many precautions to safeguard it,” the Diocese added. “We continually evaluate and modify our practices and internal controls to enhance the security and privacy of personal information.”
Earlier this month, another Catholic diocese confirmed a data breach.
On April 17, the Diocese of Phoenix, Arizona, announced that its systems had been recently targeted in a cyberattack.
The cyberattack against the Phoenix diocese took place on Jan. 17, when an unauthorized party accessed sensitive and confidential information belonging to parishioners and employees, including Social Security numbers and addresses.