Dec 17, 2025

How to Prevent Data Breaches in Digital Fundraising

No items found.

A data breach can compromise donor details like names, payment info, and giving histories, leading to lost trust, financial losses, and legal issues. Faith-based nonprofits are particularly at risk due to limited cybersecurity resources. To protect donor data and maintain trust, follow these steps:

Map and classify data: Identify what donor information you collect, where it’s stored, and how it moves between systems. Classify data by sensitivity to prioritize protection.
Secure donation pages: Use HTTPS, PCI-compliant payment processors, and tools like AVS, CVV checks, and reCAPTCHA to block fraud.
Strengthen access controls: Require unique logins, enforce strong passwords, enable multi-factor authentication (MFA), and limit access based on roles.
Train your team: Teach staff to recognize phishing, secure accounts, and follow data protection policies. Regular training reduces risks significantly.
Monitor and respond: Set up alerts for unusual activity, review logs, and prepare an incident response plan to act quickly in case of a breach.

5 Steps to Prevent Data Breaches in Digital Fundraising

Your Nonprofit's Trusted Platforms Might Be Leaking Donor Info!

Map Your Data and Identify Security Risks

To safeguard donor information, you first need a clear understanding of the data you collect, where it’s stored, and how it travels within your organization. Nonprofits typically gather donor details through online donation forms, event and peer-to-peer pages, email subscriptions, advocacy forms, and e-commerce or ticketing tools. Without a detailed map of your data, you risk overlooking critical vulnerabilities. This foundational step is essential for strengthening the security of your digital fundraising systems.

Identify and Classify Your Donor Data

Start by creating a data inventory spreadsheet that lists every system handling donor information - such as your online giving platform, CRM, email tools, event software, payment processor, spreadsheets, and backup storage. Include all the data fields you collect, like names, emails, addresses, phone numbers, donation amounts (in USD), donation dates (in MM/DD/YYYY format), payment details, or any other specific information.

Next, classify this data based on its sensitivity to determine the level of protection it requires. For example:

Level 1: Public information (e.g., campaign totals)
Level 2: Personal data (e.g., names, emails, addresses, donation history)
Level 3: Sensitive financial data (e.g., full credit card numbers, bank details, Social Security numbers)
Level 4: Highly regulated data (e.g., information covered by HIPAA or state laws)

In your spreadsheet, add columns to track data type, sensitivity level, who has authorized access, and how long the data should be retained.

Track How Data Moves Between Systems

Create a visual diagram to map out how donor data flows from the moment a donation is made to its final storage location. For each step, document what data is transferred (e.g., names, emails, donation amounts, tokenized versus full card details), how it’s transferred (e.g., API connections, CSV exports, or third-party tools), and whether encryption is used during transit.

Pay close attention to high-risk transfer points, such as manual CSV exports, unencrypted data transfers, or outdated software. Breaches often occur when staff download donor lists to personal laptops or email accounts, creating unmonitored copies that can be lost or stolen. Ensure encryption and access controls are in place at every stage of data movement.

Once your data flow is mapped, evaluate potential external threats that could exploit these transfer points.

Identify Common Security Threats

Digital fundraising systems face several common security risks. Phishing attacks and email impersonation are particularly concerning, as attackers often target development or finance teams with fake “urgent” requests to gain login credentials or approve fraudulent transactions. Train your team to recognize red flags like mismatched sender domains, unexpected messages, or suspicious links.

Weak or stolen passwords are another major vulnerability. Attackers frequently reuse credentials from other breaches to access CRMs, donation platforms, or remote tools. Admin accounts with broad access are especially at risk. Additionally, web application attacks, such as form injections or skimming scripts designed to steal card data, can exploit outdated plugins or themes on nonprofit websites. Watch out for insecure data exports and shadow IT practices, where staff might store donor lists on personal devices or unapproved cloud accounts. Also, monitor for credit card testing attacks, where bots make small donations to validate stolen card numbers.

Assign Clear Ownership of Data Security

To avoid confusion and ensure accountability, assign specific roles for managing donor data:

Data Owners: Senior leaders responsible for overseeing how donor data is used.
Data Stewards: Operational staff who maintain data quality and enforce security policies.
System Administrators: Technical staff or vendors who configure and manage security settings.

For each system in your data inventory, define who approves new users, monitors suspicious activity, and leads the response in case of a breach. This approach prevents gaps where responsibilities might fall through the cracks and ensures vendor contracts include clear terms for security measures and breach notifications. If you work with a digital fundraising service like Share Services, make sure your agreements specify their role in maintaining security and informing you of any incidents.

Secure Your Digital Fundraising Tools

Once you've mapped out your data and identified potential risks, it's time to focus on safeguarding the systems that store and process your donor information.

Modern fundraising platforms often come with built-in security features that nonprofits can use to protect donor data effectively.

Protect Your Online Donation Pages

Your donation pages should always load over HTTPS and have a valid SSL/TLS certificate from a trusted provider. This ensures donor information is encrypted during transmission and reassures supporters with the lock icon visible in their browser. For added security, secure your entire website to prevent data interception.

Choose a PCI-compliant payment processor that adheres to Payment Card Industry Data Security Standards. This ensures credit card data is handled securely and not stored on your servers. When reviewing vendors, confirm they offer continuous security scanning, threat monitoring, and regular penetration testing.

Enable AVS and CVV checks to confirm billing addresses and card security codes. To prevent automated fraud attempts, consider adding Google reCAPTCHA or similar bot protection to your forms. Fraudsters often use small, repeated donations to test stolen card numbers, so some nonprofits set a minimum donation amount (e.g., $5) to deter such activity. If available, activate a web application firewall (WAF) to block common threats like SQL injection and cross-site scripting.

Keep your content management system (like WordPress or Drupal) up to date, including themes and plugins, as updates often patch critical vulnerabilities. Remove unused plugins or modules to reduce potential security risks.

Once your donation pages are secure, the next step is to implement strong access controls.

Set Up Strong Authentication and Access Controls

Every staff member and volunteer should have their own unique account - no sharing of credentials allowed. Enforce a strong password policy that requires passwords to be at least 12 characters long. Encourage the use of a password manager to create and store complex, unique passwords.

Enable multi-factor authentication (MFA) for all critical systems, including donation platforms, CRMs, email accounts, cloud storage, and accounting tools. Authenticator apps that generate time-based codes or FIDO2 security keys are more secure than SMS-based methods, which can be intercepted. Make MFA mandatory, especially for remote access to systems with donor data.

Use role-based access controls to assign permissions based on job responsibilities. Stick to the principle of least privilege - grant users only the access they need to perform their tasks. Conduct regular access reviews (e.g., quarterly) to adjust or revoke permissions as roles change, and immediately deactivate accounts when someone leaves your organization.

Keep Software Updated and Maintain Secure Backups

Applying software updates promptly is one of the most effective ways to prevent breaches. Many attacks exploit known vulnerabilities in outdated systems. This applies to operating systems, staff computers, fundraising platforms, CRMs, website CMSs, plugins, and integrations. Assign someone to monitor updates, subscribe to vendor security alerts, and maintain an update log. Test updates in a staging environment before applying them during low-traffic times, and verify that donation pages and integrations work correctly afterward.

Keep encrypted backups of your donor database, fundraising platform data, financial records, and website configurations. Follow the 3-2-1 rule: maintain three copies of critical data, store them on two different types of media, and keep one copy offsite or in a separate cloud environment. Use strong encryption algorithms like AES-256 for backups, with encryption keys stored separately.

Regularly test your backups - at least quarterly - to ensure they can be restored successfully and systems operate as expected. Document each test and note any issues. Protect backups from unauthorized changes or deletion by using immutability features or isolated storage. Clearly define what is backed up, where it’s stored, how long it’s retained, and who has access to restore it.

Build Security Into Your Organization's Daily Work

Having the right digital tools is just the beginning. To truly safeguard donor data, security needs to be part of your team's daily habits. Technology alone isn't enough - staff and volunteers must embrace secure practices as part of their routine. This requires training, clear policies, and leadership that prioritizes security.

Train Staff and Volunteers on Security Practices

Start by incorporating security training into your onboarding process, and follow it up with regular refreshers. Teach new team members how to recognize phishing emails by checking sender details, avoiding questionable links, and verifying unusual requests for sensitive information through a separate channel. Since phishing is one of the most common ways breaches occur, it's crucial to help staff identify red flags like urgent requests, unexpected attachments, or attempts to bypass established procedures.

Reinforce this training with simulations and online learning tools. For example, phishing simulations can help staff practice spotting threats in a controlled environment. Combine these with in-person workshops and short online modules so team members can learn at their own pace. Brief quizzes or certifications can also ensure that the training sticks. Nonprofits that consistently train their teams on security practices have been able to reduce successful phishing attempts by as much as 70%.

Encourage practical, everyday security habits, such as enabling multi-factor authentication (MFA) for email accounts, avoiding public Wi-Fi without a VPN, and steering clear of downloading attachments from unknown sources. Additionally, staff should access only the donor information necessary for their role, use encryption when handling files, and never share login credentials - even with trusted coworkers.

Create Policies for Secure Operations

Clear policies are essential for protecting donor data. They provide guidance, reduce confusion, and set clear expectations for your team.

For instance, establish data retention schedules that specify how long different types of information should be stored. Payment card details, for example, should only be kept as long as required by PCI DSS standards - typically between one and seven years, depending on local regulations and organizational needs. Classify donor data by sensitivity, automate the deletion of outdated records, and conduct annual reviews to ensure unnecessary data isn't being stored.

For remote work, require staff to use a VPN when accessing systems outside the office. Limit the use of personal devices for work unless they're managed with mobile device management (MDM) software. Ensure that any device handling donor data has proper security measures, like antivirus software and firewalls. Additionally, regularly audit remote login activity to catch any unusual patterns that might indicate unauthorized access.

Integrate Security With Daily Fundraising Tasks

Security works best when it’s seamlessly woven into everyday workflows. For example, in donor communications, require staff to double-check recipient addresses and use pre-approved, encrypted templates before sending sensitive information. Configure your CRM with role-based permissions so that team members only access the data they need for their specific responsibilities. This minimizes the risk of exposure if an account is compromised.

Log routine activities - like data entry, donor updates, and report generation - to spot any anomalies. Regularly review transaction logs to flag unusual behavior, such as multiple failed login attempts or unexpected data exports. Automated alerts can help your team quickly respond to suspicious activity.

Leadership plays a pivotal role in shaping a secure environment. By allocating resources for training and tools, prioritizing data protection in meetings, and recognizing staff who identify potential issues, leaders set the tone for the organization. When decision-makers model secure behaviors - like using password managers, enabling MFA, and questioning suspicious emails - it encourages everyone else to follow suit.

Monitor for Threats and Respond to Security Incidents

Once your systems are secure and good security habits are in place, the next step is staying vigilant. Even the best defenses can falter. By continuously monitoring your systems and acting quickly when threats arise, you can catch breaches early, minimize damage, and maintain the trust of your donors.

Monitor Systems for Unusual Activity

Keep a close eye on your CRM, payment systems, and email access logs. For high donation volumes, daily reviews might be necessary, but weekly checks are a good starting point. Watch for warning signs like logins at odd hours, repeated failed login attempts, access from unfamiliar locations, or sudden spikes in transactions. To make this easier, use real-time monitoring tools that highlight anomalies without requiring you to sift through raw data manually.

Set up automated alerts for suspicious activity. For instance, flag transactions over $10,000, logins from new IP addresses, or unusual donation patterns like multiple small donations in quick succession. These "velocity rules" are crucial for spotting card-testing attacks, where bots use small-dollar transactions to test stolen credit card numbers.

Leverage AI-powered fraud detection tools to analyze transactions in real time and block suspicious activity automatically. On your donation pages, enable fraud prevention features like reCAPTCHA to filter out bots. Ensure your payment processor uses tools like Address Verification System (AVS) checks, CVV verification, and device fingerprinting to identify mismatched information and stop fraudulent attempts.

Create an Incident Response Plan

When a breach occurs, every second matters. Have a dedicated incident response team ready, complete with clear roles, contact details, and after-hours procedures.

Develop playbooks for common scenarios, such as a compromised staff account, a card-testing attack on your donation form, a lost device containing donor data, or a misdirected email with sensitive information. Each playbook should outline immediate steps to contain the issue - like disabling compromised accounts, forcing password resets, temporarily shutting down affected forms, revoking API keys, or isolating infected devices.

Understand your legal obligations for breach notifications. For example, if sensitive donor data is exposed, laws like the California Consumer Privacy Act (CCPA) may require you to notify authorities within 72 hours. Prepare templates in advance for emails, website notices, and phone scripts. These should clearly explain what happened, what information was affected, what steps you’re taking to resolve the issue, and how donors can protect themselves, such as monitoring their accounts or updating passwords.

Once the immediate threat is contained, shift focus to identifying and fixing the vulnerabilities that led to the breach.

Strengthen Security After an Incident

After resolving a breach, conduct a thorough review to pinpoint what went wrong. Whether it was an unpatched software vulnerability, weak passwords, overly broad permissions, or a phishing attack, use system logs to trace the issue. Assign specific actions to address each weakness and set clear deadlines for completion.

Update your systems and policies based on these lessons. For example, if weak passwords were the problem, enforce stronger password rules and require multi-factor authentication (MFA). If permissions were too broad, implement stricter role-based access controls and schedule regular access reviews. If phishing was the culprit, organize additional training to help staff recognize similar threats in the future. Strengthen your defenses by implementing enhanced controls and updated policies promptly.

Be transparent with donors about the steps you’ve taken to improve security. Let them know if you’ve added MFA, introduced new monitoring tools, or conducted an external security review. Open communication about your commitment to protecting their data can help rebuild trust and even strengthen relationships after an incident. Cyberattacks, including phishing, malware, and data breaches, have impacted over half of U.S. nonprofits. Yet, many still lack formal incident response plans. Having a plan in place not only sets you apart but also shows donors that you take their security seriously.

Conclusion

Preventing data breaches in digital fundraising boils down to four key practices: mapping your data and identifying risks, securing your fundraising tools, integrating security into daily operations, and monitoring for threats with a solid response plan. Together, these steps create a strong defense that safeguards both your donors and your mission.

But protecting donor data isn’t just about meeting compliance standards - it’s about earning and maintaining trust. Studies show that cyber incidents often draw significant media attention and can be particularly difficult for nonprofits to recover from. This makes proactive security measures not just important but essential. Donor confidence in how their data is handled directly influences whether they choose to donate online and, more importantly, whether they’ll come back to give again. By implementing PCI-compliant payment systems, enabling multi-factor authentication, providing regular team training, and being transparent about your security measures, you create a foundation for lasting donor relationships and steady revenue.

Think of data security as a strategic part of your fundraising plan, not just an IT issue. The effort you put into protecting donor information today pays off in trust, retention, and the ability to grow your digital fundraising initiatives without fear of disruption. If your nonprofit lacks the internal resources to manage these challenges, partnering with experts like Share Services can help ensure your campaigns remain both impactful and secure - reinforcing the security measures outlined in this guide.

FAQs

What are the biggest security risks in digital fundraising?

Nonprofits face a range of security risks in digital fundraising that demand attention. Among the most frequent threats are phishing attacks, where cybercriminals deceive individuals into sharing private information, and data breaches, which can compromise donor details. Additional concerns include malware infections, unauthorized system access, and social engineering tactics aimed at manipulating staff to disclose sensitive information.

To safeguard donor data and uphold trust, nonprofits must remain alert and adopt strong security protocols in their digital fundraising operations.

What are the best ways to train nonprofit staff to prevent data breaches?

To reduce the risk of data breaches, it's essential to offer employees regular cybersecurity training. Focus on key areas like data privacy, recognizing phishing scams, and maintaining secure data handling practices. Adding simulated phishing exercises can be a practical way to boost awareness and reinforce these lessons. Make sure your organization's data protection policies are clearly communicated, and prioritize continuous education to keep your team updated on the latest security measures.

What should an incident response plan for data breaches include?

An effective incident response plan for handling data breaches should focus on a series of essential steps to minimize harm and ensure a swift recovery. These steps include identifying and evaluating the breach, containing and removing the threat, and informing affected individuals and relevant authorities as required by law or policy.

The plan should also detail recovery procedures to bring operations back to normal as quickly as possible. Equally important is maintaining thorough documentation of the incident, which can serve as a reference for future improvements. Lastly, conducting a post-incident review is key to uncovering vulnerabilities and implementing stronger safeguards to reduce the risk of future breaches. By following these steps, organizations can better protect sensitive donor information and uphold trust in their digital fundraising efforts.