CHARLESTON, S.C. (WCBD) – Blackbaud on Tuesday released in a Securities and Exchange Commission Report that the bank account information, social security numbers, usernames, and passwords of some customers may have been accessed in a May 2020 attempted ransomware attack.
According to the report, “further forensic investigation found that for some…customers, the cybercriminal may have accessed some unencrypted fields intended for bank account information, social security numbers, usernames, and/or passwords.”
Blackbaud previously alerted customers of the security breach in May. Blackbaud said that its “Cyber Security team — together with independent forensics experts and law enforcement — successfully prevented the cybercriminal from blocking [their] system access and fully encrypting files; and ultimately expelled [the cybercriminal] from [their] system.”
However, the cybercriminal “removed a copy of a subset of data from [Blackbaud’s] self-hosted (private cloud) environment.”
Blackbaud emphasized that the possible breach of sensitive data does not apply to everyone initially notified of the incident. The report states that “in most cases, fields intended for sensitive information were encrypted and not accessible.”
Blackbaud will begin contacting “customers who [they] believe are using these fields for such information” this week.
The investigation is ongoing, and Blackbaud says that it will continue providing updates to customers, stockholders, and stakeholders “as appropriate.”