The National Childbirth Trust (NCT), has reportedly suffered a data breach affecting the registration details of 15,085 expectant parents. The Information Commissioner’s Office (ICO) and the police have been informed. Email addresses, usernames and encrypted passwords were compromised, but no other information is believed to have been put at risk.
An NCT spokesperson told the BBC: “We stress that no financial or personal details are held as part of this data so no financial or personal details have been accessed.
“We discovered the breach (on Wednesday), upon which we contacted everyone affected advising them of the breach and suggesting that they change their username and passwords.”
Users of online parenting forums have been discussing the incident. According to several posters, chief executive Nick Wilkie emailed parents:
Our records show that you have recently registered with us on our website.
It is with regret that I need to let you know that following a data breach, some of your registration details have been compromised. The email address, username and an encrypted version of the password you created when registering have been accessed. I should stress that any other information you have given us is held separately and has not been compromised.
While your password is encrypted, as a precaution, I would advise you to change any password as soon as possible for other accounts or registrations that use these details.
We discovered the breach today, are reporting the matter to the police and Information Commissioner and contacting all who are affected immediately.
NCT supports hundreds of thousands of new and expectant parents a year. We take this responsibility very seriously, including how we manage your data. Please accept my sincere apologies and let me assure you that we continue to do everything we can to ensure the safety of the data of all of our service users.
If you have any questions, please do not hesitate to contact our enquiries team at firstname.lastname@example.org