The Salvation Army has been the subject of a ransomware attack.
The charity declined to give precise details on the nature and extent of the incident but said it had reported the matter to the Charity Commission and the Information Commissioner’s Office, indicating that data might have been stolen.
One data security expert said anyone who had provided personal details to the charity should assume their data had been compromised.
A spokesperson for the charity said: “We are investigating an IT incident affecting a number of our corporate IT systems.
“We have informed the Charity Commission and the Information Commissioner’s Office, are also in dialogue with our key partners and staff and are working to notify any other relevant third parties.
“We can also confirm that our services for the vulnerable people who depend on us are not impacted and continue as normal.”
A spokesperson for the ICO said: “The Salvation Army Trustee Company has made us aware of an incident and we are assessing the information provided.”
Javvad Malik, security awareness advocate at the training company KnowBe4, said anyone who had provided details to the charity should assume their information had been compromised.
“There are not many details available as to the attack and the nature of information that was stolen,” he said.
“To err on the side of caution, anyone that has provided details to the Salvation Army should assume that all the information may have been compromised.
“This includes passwords, or any personal data submitted including financial information.”