February 24, 2015; The Hill
As regular readers of NPQ have already seen, yesterday, the Urban Institute announced that the National Center for Charitable Statistics (NCCS) had been hacked, specifically targeting the annual reports made by nonprofits to the IRS. There is no evidence that tax filings themselves were compromised and no Social Security numbers or credit card information were in the system.
NCCS is one of the most prominent analytical sources in the world of nonprofits, using its base of 990s to discern trends in the sector. The breach is not an unusual event for this kind of data-rich institution. Washington-based think tanks are common targets of hackers, and in this case, the usernames, passwords, IP addresses, and other account data for 600,000 to 700,000 nonprofits that file through the NCCS were accessed.
Sign up for our free newsletters
Subscribe to NPQ's newsletters to have our top stories delivered directly to your inbox.
By signing up, you agree to our privacy policy and terms of use, and to receive messages from NPQ and our partners.
Elizabeth Boris, the director of the Center on Nonprofits and Philanthropy where NCCS is housed, apologized in a statement Tuesday and suggested users of their site should change their passwords.
The Center for Strategic and International Studies, the Heritage Foundation, and the American Enterprise Institute have each publicly acknowledged being hacked. Foreign policy experts joining the Obama administration in 2009 also came under assault from hackers, according to reports.
Apparently, the Urban Institute noticed suspicious activity as early as January 7th, but it was not until January 23rd that they realized that the e-Postcard filing system had been compromised. Filers from then on were informed that they should change their passwords. By February 4th, it was clear that the hackers had broken into the Form 990 system as well. A spokesperson said that approximately 740,000 email addresses are associated with compromised accounts.
The Institute is not speculating about a motive for the cyberattack, saying that it is awaiting final investigation results. “We are working with law enforcement agencies as they conduct an investigation,” said Boris, “In addition, we have retained a leading cybersecurity firm to help us analyze the situation and strengthen security.”—Ruth McCambridge