The Girl Scouts of Orange County organization recently became aware it was the victim of an email-related breach, it was announced Thursday.
Members of the Irvine-based group were sent a letter on Monday informing them that on Sept. 30 a hacker gained access to the firstname.lastname@example.org email account and sent emails to others.
The hacker did not gain access to the organization’s computer network, servers or other systems, the organization said in the letter.
The Girl Scouts’ IT officials “immediately” changed the password and “confirmed that the account was secure” as soon as it learned of the breach.
The hacker had access from Sept. 30 through Oct. 1 to the email account so names of members, dates of birth, email addresses, home addresses, driver’s license numbers, health history information and insurance policy numbers were exposed.
The Girl Scouts alerted the state Attorney General’s Office and took measures to “strengthen” its online security, officials said in the letter.
“We also advised our members not to open any unusual emails from that account,” said Elizabeth Fairchild, a spokeswoman for the Girl Scouts.
About 2,800 Girl Scouts were affected. Fairchild said the “vast majority of information stored in the account was non-sensitive.”
Less than 300 members “had sensitive information stored in the account,” Fairchild said.