The office of General Synod has been targeted by cyber attackers who stole money from its bank account, announced Archbishop Linda Nicholls, primate of the Anglican Church of Canada in a Nov. 25 session of the Council of General Synod (CoGS). All funds stolen have since been recovered, she said.
“Despite all efforts and precautions taken, the General Synod was recently the victim of a malicious cyber attack,” Nicholls told CoGS, reading a prepared statement. “Hackers, possibly from abroad, executed a targeted attack of an employee’s email account using information available online.”
The attack, she said, was detected when church leaders were alerted to an unauthorized withdrawal from the General Synod’s bank account. “We promptly suspended withdrawals, stopped the attack, and immediately hired lawyers to investigate and remediate the breach. Very quickly after the incident, the financial institution fully reimbursed the General Synod for the funds stolen by the hackers.”
The only money not restored to the church was the legal cost associated, said Nicholls, though she did not specify an amount. “It is an unfortunate lesson that cyber criminals will prey on the most innocent of victims. Upon discovering the incident, a top security firm was immediately brought in to ensure the breach was contained and eradicated. We are confident that the General Synod’s network and data are secure,” she said.
In response to a question from a member of CoGS, Clare Burns, Chancellor of General Synod, clarified that no one’s personal financial information was leaked or accessed in the attack.
At the beginning and end of her statement, Nicholls stated that the church would not be able to publicly share any further information on the attack besides the statement, on which the church’s lawyers were consulted.
The attack on General Synod is one of a recent spate of cyber attacks on public institutions and private organizations, including attacks on five hospitals in southwestern Ontario earlier in November and a late-October ransomware attack on the Toronto Public Library system that is expected to render its online services unavailable until 2024.