Oxfam Australia has confirmed that they suffered a data breach after suffering a cyberattack and their donor databases were put up for sale on a hacker forum in January. A threat actor was selling a stolen database containing 1.7 million user records. These records included names, email addresses, addresses, phone numbers, donation amounts, and donation amounts. No passwords have been compromised and a small subset of donors the threat actor may have had access to bank names, account numbers, and partial credit card numbers. It is not known if any threat actors purchased the stolen data after it was marketed online.
Source: https://www.bleepingcomputer.com/news/security/oxfam-australia-confirms-data-breach-after-stolen-info-sold-online/