Public Radio Was an Unexpected Victim Of The 2013 Target Hack

​Emails recovered from the newest batch of hacked Sony inboxes reveal that some nonprofits experienced a financial squeeze in 2014 due to the Target hack of 2013, in which the data from millions of people's debit and credit cards was leaked and sold on the dark net.

An email sent to David Diamond, Sony CEO Michael Lynton's executive assistant, from Southern California public radi​o station KPCC's Major Giving Manager Lynne Slattery, revealed that the Target hack, as well as similar breaches experienced by retail​ers like Neiman Marcus, resulted in unrealized donations amounting to hundreds of thousands of dollars.

The message, sent on April 22, 2014, requested in an urgent tone that Lynton donate 10 thousand dollars, a commitment he "verbally [affirmed]" in May. The donation would help to quickly close a funding gap that Slattery attributed to the hack, according to the email.

"KPCC got hit quite hard by the Target/Neiman Marcus credit card security breach and hundreds of thousands of dollars in committed revenue hasn't been realized because of it," Slattery wrote. "It's quite serious and I imagine lots of nonprofits are struggling with making up for the revenue right now.

"We could really use his help right now and I would love to process his gift, if he's comfortable providing a credit card number," she continued.

The Target hack was unearthed in De​cember of 2013 by security investigator Brian Krebs, who discovered that card information was being hawked by so-called "card shops" on the dark net for anywhere from $20 to $100. Of the estimated 40 million compromised cards, 10 to 15 percent w​ere used for fraud, according to New York-based fraud detection software company BillGuard.

Most individuals were likely safe from personal loss due to the "zero liability" clauses most credit card companies have in place, but many cancelled and changed their cards, and banks lost an estimated $153 million after mailing out new ones.

The funding gap experienced by KPCC was created by the interruptions these card cancellations caused in their sustainer program, an issue that pla​gued public broadcasters after the breach.

When someone enrolls in a sustainer program, they agree to have a monthly or yearly donation charged to their credit card. The charge is automatic and does not need to be renewed. When a card, or a few million cards, are unexpectedly cancelled, a funding gap is created. Sustainer programs are widely used by public broadcasters and small nonprofits, like public li​braries and local conserv​atories.

Motherboard reached out to KPCC, which provided us with an official statement to donors from KPCC president Bill Davis, sent on April 23rd, 2014, just one day after KPCC asked Lynton for a 10 thousand dollar donation. It reads, in part:

"When your security was violated, our financial stability was also threatened. Even though KPCC wasn't hacked, we were hurt. […] This type of funding gap as a result of outside influences is something we've never encountered before. […] In order to overcome this deficit without sacrificing the quality of our programming, and to ensure we end this fiscal year financially sound for the upcoming election season, we need 9,000 listeners to show their support by June 30th."

Diamond forwarded Slattery's email to Lynton with the added remark, "Pls advise…" It is unclear in the recovered emails whether Lynton followed through with his promised donation to the public radio station.

The email exchange sheds light on an unexpected casualty in the fallout of the 2013 Target hack: nonprofits that depend on help from monthly donors and, in some cases, wealthy patrons for their continued survival.