LCA security: what happened and what’s next?

On 9 June the LCA was the victim of an online security breach. On 10 June, upon investigating the seriousness of the attack, the LCA IT Department shut down the entire LCA network and deleted all user passwords in order to secure our systems and restore services safely. This affected everyone with an lca.org.au email address: pastors and other church workers, employees and volunteers, including congregation and parish office-bearers.

Our IT staff worked quickly to secure the network, but the process of re-issuing new passwords to over 6000 users by text message has of course taken much longer. At the end of last week, most individual users for whom we have mobile phone numbers had been contacted. The task of contacting all users is continuing this week. Also, congregation and agency emails are being restored this week. Until this process has been completed, only those users who have received their new login details should contact LCA IT for assistance.

You may have heard reports of Australian PM Scott Morrison’s press conference last week, in which he said that Australia and other nations have been experiencing a barrage of cyber attacks across government, industry, education and other sectors. Churches are being targeted also. The LCA is working hard to keep our systems secure in this new world. This week we will be conducting a review of our security measures and how we can make them even stronger.

Thank you for your understanding and patience over these past two weeks. We will keep you informed about any changes to our online systems as we continue to strive to keep our data and all our users safe.

As a reminder, everyone who uses online systems (internet, email etc) should never click on a link from an unidentified or questionable source, or answer questions about online accounts from an unsolicited caller.