P2020-ND-198

Heart and Stroke Foundation

The Organization manages personal information related to volunteer and donor relations, communications and for historical record keeping through its service provider, Blackbaud. On July 16, 2020, Blackbaud advised the Organization that cybercriminals accessed Blackbaud?s system by using the credentials of a customer who was using Blackbaud?s self-hosted environment, and attempted a ransomware attack. Blackbaud advised that it was able to successfully prevent the cybercriminal from fully blocking system access and fully encrypting files, and was able to expel the intruder from the Blackbaud system. However, the cybercriminal was able to remove a copy of a subset of data from Blackbaud?s self-hosted environment, including a copy of the Organization?s CRM backup. The incident occurred between February 7 and May 20, 2020.

File Type: pdf
Categories: 2020
Tags: Unauthorized access