CHARLESTON, S.C. (WCBD) – MUSC on Friday announced that some constituent data may have been impacted by a Blackbaud data breach. They previously alerted the public on August 10.
MUSC was notified on July 16 that “Blackbaud, an outside vendor of MUSC, had discovered and stopped a ransomware attack on Blackbaud’s self-hosted platform in May of 2020.”
According to the statement, Blackbaud assured MUSC that “the cybercriminal did not access credit card information, bank account information, or social security numbers.”
However, the cybercriminal “in as early as February…[removed] a copy of a subset of Blackbaud’s customer data.”
Information obtained by the cybercriminal may include “information used by MUSC for fundraising and donor relations purposes, such as individuals’ names, contact information, demographic information, birth date, relationship and donation profile/history with MUSC, and in some cases limited health information (such as physician name, department visited and/or discharge date).”
To prevent this from happening in the future, “MUSC is reviewing all relevant business practices and procedures regarding the security of…personal data.”
Blackbaud and MUSC do not believe that there is any threat to individuals.