When even “safe spaces” get targeted: The claimed cyberattack on the Methodist Church of Southern Africa
Here’s a recent cybersecurity story you should know about, especially if your organization (religious or otherwise) trusts its IT to just “work in the background.
What’s going on?
On 2 October 2025, a ransomware tracking platform (Ransomware.live) listed the Methodist Church of Southern Africa as a victim of a breach. The attackers, reportedly the Beast ransomware gang, claim to have exfiltrated 150 GB of data. The listing was made public a few days later, on 5 October.
The attackers also claim there was no use of known cloud or SaaS services detected under the church’s digital footprint (suggesting direct access to on-premises systems or lesser-known infrastructure).
Ransomware.live
Meanwhile, the church’s website (methodist.org.za) is currently “under construction” / maintenance, which may or may not relate to recovering from an incident.
What we don’t (yet) know and why it matters
The church has not (publicly) confirmed the breach.
There is no verified forensic report to confirm or refute the claims.
We don’t know whether the attackers have demanded ransom, or if they’ve threatened to publish the stolen data.
The operational impact (email down, databases locked, etc.) is unknown.
In short: this is unverified but serious. Whether or not the claims are true, the fact that such a listing exists should send a wake-up call to religious organizations (and all nonprofits). You are not exempt from cyber threats.
Lessons & tips for churches, NGOs, and smaller orgs
Assume you're a target — cybercriminals often see nonprofits and faith organizations as “soft” targets. Don’t be complacent just because your mission is spiritual or community-oriented.
Back up your data (securely, offsite, and tested) — backups are your last line of defense when systems get locked or erased.
Segment and isolate critical systems — don’t let a breach in one system cascade across everything.
Use multi-factor authentication (MFA) — for email, admin portals, member databases.
Monitor for anomalies & logs — detect early signs of compromise (unusual logins, data transfer spikes).
Have an incident response plan — even small organizations should know who to call (IT, legal, PR) when things go wrong.
Communicate transparently — if a breach happens, timely and honest communication to stakeholders builds trust and helps containment.
Final thoughts
Right now, the Methodist Church breach is a claim more than a confirmed fact, but it’s worth watching closely. Even institutions you might view as “safer” or more trusted can become victims. Cybersecurity is not optional; it's part of stewardship, protecting your community, your reputation, and your mission.
Holen Sie sich noch heute Prventi und stärken Sie die Cybersicherheit Ihres Teams
Warten Sie nicht auf einen Angriff. Bereiten Sie Ihr Unternehmen mit der Phishing-Simulation und dem innovativen Cybersicherheitstraining von Prventi vor.
Keine Kreditkarte erforderlich. Jederzeit kündbar.
