P2021-ND-314

In May 2020, the Organization?s cloud-based software and data hosting solutions provider, Blackbaud, discovered that it was the target of a ransomware attack. Threat actors managed to remove a subset of data from Blackbaud’s self-hosted environment, which included data being processed by Blackbaud for the Organization. On or around July 16, 2020, the Organization received a notification from Blackbaud informing it of the incident affecting the data of some of the Organization?s members. On October 9, 2020, after extensive communications, Blackbaud provided additional information to the Organization related to the potentially impacted information. However, because the Organization was no longer a client, Blackbaud provided the information in a format that was not readable to the Organization. The Organization worked with third-party computer specialists to obtain the information in a readable format and proceeded with a review of the information to confirm which data was potentially impacted by the Blackbaud event.

File Type: pdf
File Size: 606 KB
Categories: 2021