In May 2020, the Organization’s third party vendor, Blackbaud, advised the Organization of a data security incident involving a ransomware attack on its systems, including its Raiser?s Edge software product used by the Organization. Blackbaud reported that it was able to successfully prevent the cybercriminal from blocking its system access and fully encrypting files, and ultimately expelled them from its system. However, prior to locking the cybercriminal out, the cybercriminal removed a copy of a subset of data from its self-hosted (private cloud) environment. Blackbaud paid the cybercriminal?s demand with confirmation that the copy they removed had been destroyed. Blackbaud said it has no reason to believe that any data went beyond the cybercriminal, was or will be misused; or will be disseminated or otherwise made available publicly.
P2021-ND-078
File Type:
pdf
File Size:
187 KB
Categories:
2021