Blackbaud Data Breach has affected many non-profits, foundations and social organizations. For those not familiar with Blackbaud, it is the worlds largest cloud provider powering social good. They are headquartered in Charleston, SC and are a publicly traded company. (BLKB NASDAQ). In May of 2020, Blackbaud had a data breach that attempted to disrupt their business by locking customers out of their own files. Some of those affected were Roswell Park Hospital in Buffalo, NY and Catholic Health Systems. Below is a summary of the incident.

Blackbaud Data Breach

Summary of Incident

In May of 2020, we discovered and stopped a ransomware attack. In a ransomware attack, cybercriminals attempt to disrupt the business by locking companies out of their own data and servers. After discovering the attack, our Cyber Security team—together with independent forensics experts and law enforcement—successfully prevented the cybercriminal from blocking our system access and fully encrypting files; and ultimately expelled them from our system. Prior to our locking the cybercriminal out, the cybercriminal removed a copy of a subset of data from our self-hosted environment. The cybercriminal did not access credit card information, bank account information, or social security numbers. Because protecting our customers’ data is our top priority, we paid the cybercriminal’s demand with confirmation that the copy they removed had been destroyed. Based on the nature of the incident, our research, and third party (including law enforcement) investigation, we have no reason to believe that any data went beyond the cybercriminal, was or will be misused; or will be disseminated or otherwise made available publicly. This incident did not involve solutions in our public cloud environment (Microsoft Azure, Amazon Web Services), nor did it involve the majority of our self-hosted environment. The subset of customers who were part of this incident have been notified and supplied with additional information and resources. We apologize that this happened and will continue to do our very best to supply help and support as we and our customers jointly navigate this cybercrime incident.
To find out more, visit Roswell Park or the Blackbaud website.