A CYBER attack which targeted personal data from the Bible Society has landed the Swindon-based organisation with a £100,000 fine.

The Information Commission has issued the fine after cyber criminals exploited a weakness in the Society’s computer network to steal personal data about its supporters.

The attack happened between November and December 2016 and meant the personal of data of 417,000 of the society’s supporters, including some card and bank account details, were transferred out of the society’s network.

The ICO issued the fine because it found the society could have done more to protect the personal data from hackers.

Steve Eckersley, the ICO’s head of enforcement, said: “The Bible Society failed to protect a significant amount of personal data, and exposed its supporters to possible financial or identity fraud.

“Our investigation determined that it is likely that the religious belief of the 417,000 supporters could be inferred, and the distress this kind of breach can cause cannot be underestimated.

“Cyber-attacks will happen, that’s just a fact, and we fully accept that they are a criminal act. But organisations need to have strong security measures in place to make it as difficult as possible for intruders.”

The society, which translates and distributes the Bible in the UK an around the world relies on card donations from its UK supporters.

The ICO said that supporters’ details were stored on an account on an insufficiently secure network which was easily accessed remotely and was only secured with easy-to-guess password.

A Bible Society spokesperson said: “The Bible Socety has acknowledged, from the outset, the significance of the data security incident and we have taken it very seriously. Following the hack, we immediately contacted any supporters whose data might have been at risk, giving support and advice on what to do next.

“The incident occurred because of a vulnerability in a single isolated account which had been overlooked. At no point did this breach involve or affect our website (biblesociety.org.uk) or associated online Bible Society accounts.

“No supporters reported that their accounts had been breached and there is no evidence of any material effect on supporters.”

Ransomeware is a type of malicious software used by hackers to threaten to publish a victim’s data or block access to their accounts until a ransom is paid.

The ICO has the power to fine holders of personal data up to £17 million under the Data Protection Act 2018.