Increasing number of charities caught up in Blackbaud ransomware attack

Crisis, the National Trust and Young Minds are among charities impacted by a cyber- attack to affect cloud computing provider Blackbaud.

The US headquartered computing provider has revealed it discovered the incident in May and has paid the attackers a ransom.

During the attack criminals removed a copy of a subset of data from Blackbaud, which has offered assurances that the cyber-attackers did not access credit card or bank account information. When Blackbaud paid the ransom it says it received confirmation that the copy of the data had been destroyed.

The Information Commissioner’s Office (ICO) has confirmed it has received 125 reports in relation to Blackbaud from a raft of organisations that use the provider, including charities.

“People have the right to expect that organisations will handle their personal information securely and responsibly,” said an ICO spokesperson.

“The cloud software company BlackBaud has reported a data breach incident which has potentially affected a large number of UK organisations using its services and we are making enquiries.

“Organisations involved should be getting in touch with their customers to inform them if their personal data has been impacted. Anyone with any concerns about how their data has been handled should raise those concerns with the organisation first, then report to us if they are not satisfied.”

Charities impacted

Charities to be affected include, Young Minds which said it was only notified of the May attack on 16 July. The charity has now alerted both the ICO and the Charity Commission.

“This has therefore meant that some details of our supporters have been accessed, including some personal information like their names, addresses and email addresses. No financial or banking details were included in the database,” said Young Minds.

“We have been assured by Blackbaud that there is a low risk to YoungMinds’ supporters, but all the same we would urge all of our supporters to continue to be wary of unexpected communication and practise the usual caution around suspicious emails and letters.”

Another impacted is the National Trust, which says that the attack did not involve any of its membership data.

The charity’s chief information officer Jon Townsend said: “We take our data protection obligations extremely seriously and as soon as we became aware of this incident, we launched an internal investigation and are working with the third-party supplier, Blackbaud, to assess whether any further action is needed.

“This affected our volunteering and fundraising community and did not involve any data from our membership database.

“We are currently in the process of identifying and informing those affected. We have been told that no financial data, credit card, account details or passwords were accessed as a result of the Blackbaud breach.

“We understand that any data that was accessed has since been destroyed. We have reported the incident to the UK's regulator for data protection, the Information Commissioner's Office and the Charity Commission.”

Meanwhile, Crisis has also been affected and is now working with Blackbaud to assess the impact of the attack on its supporters.

“On Thursday 16 July 2020, we were notified by Blackbaud, the company which provides our supporter database, that they had suffered a cyber-attack,” said Jon Sparkes, Crisis chief executive.

“As a result of this attack, personal information of some of our supporters was accessed including their name, address and email address. We have been assured that no financial details were accessed during this breach.

“Since being notified we have been working directly with Blackbaud, as a matter of urgency, to assess the impact on our supporters. While they have assured us that to the best of their knowledge, all of the details that were accessed have now been destroyed and the risk to Crisis supporters is low, we have contacted all those affected and urge them to remain vigilant and handle any unexpected communications or suspicious emails or letters with extreme caution.

“We have reported the incident to the Charity Commission and the Information Commissioner’s Office and continue to follow their advice on the matter.

“We take the data that supporters share with us extremely seriously and are working with Blackbaud to fully investigate the matter and seek assurances on what safeguards they are putting in place to ensure that our supporters are fully protected in future. We will continue to keep all those affected informed.”

Blackbaud

In a statement Blackbaud said. “Because protecting our customers’ data is our top priority, we paid the cybercriminal’s demand with confirmation that the copy they removed had been destroyed.

“Based on the nature of the incident, our research, and third party (including law enforcement) investigation, we have no reason to believe that any data went beyond the cybercriminal, was or will be misused; or will be disseminated or otherwise made available publicly.”

It added: “We apologise that this happened and will continue to do our very best to supply help and support as we and our customers jointly navigate this cybercrime incident.”

    Share Story:

Recent Stories