In some cases, the fraudsters have used these details to contact benefactors directly, trying to extract more money.
The charity closed its website temporarily, warned those affected and reported the breach to the police.
"We are all in a state of shock,” said Neville Kyrke-Smith, National Director at Aid to the Church in Need UK. “Apart from the obvious distress to benefactors, we're concerned that our charity identity has been stolen. However it's the beneficiaries, those who need the money the most, who will ultimately suffer. I urge all charities to regularly review their website security and make sure all software is up-to-date."
According to Andrew Hind, Chief Executive at the Commission:
"This charity already used a secure encrypted connection to transfer and store data and the organisation's website should have been safe. However it's a sad fact of modern times that charities, like businesses, have to make sure their websites are protected. All charities need to regularly review website security and make sure they stay ahead of the hackers and fraudsters."