P2021-ND-022

The Organization uses a third party provider?s customer relationship management (CRM) platform to support its data for alumni, parents, students and the broader community. On July 16, 2020, the third party provider (Blackbaud) informed the Organization that its database backup had been affected by a ransomware incident, which began in February 2020, but was discovered in May 2020. According to Blackbaud, after discovering the attack, it successfully prevented the cybercriminal from blocking system access and fully encrypting files, and ultimately expelled them from the system; however, the cybercriminal removed a copy of a subset of data from Blackbaud?s self-hosted environment, including the Organization’s backup. Blackbaud paid the cybercriminal?s ransom demand and received confirmation that the backup copy was destroyed. Blackbaud indicated that based on the nature of the incident, its research, and third party (including law enforcement) investigation, it has no reason to believe that any data went beyond the cybercriminal, was or will be misused, or will be disseminated or otherwise made available publicly.

File Type: pdf
File Size: 603 KB
Categories: 2021