Save the Children Federation, Inc.
On July 16, 2020, the Organization received notice that its third-party service provider, Blackbaud, had been the target of a ransomware attack. The Organization reported:
We understand from Blackbaud that the incident began in February, when the hacker gained access to Blackbaud?s system, and continued until May 2020, when Blackbaud discovered the hacker was attempting to carry out a ransomware attack. … Unfortunately, the hacker was able to make a copy of some data on the system, and Blackbaud subsequently paid a ransom to the hacker to have them delete the data. …
The Organization also reported that it had recently migrated off Blackbaud?s hosting solution; however, Blackbaud?s system still housed a backup of the Organization?s US supporter database, which Blackbaud reported was involved in the incident.