Title

U.S. Institutions Affected by Blackbaud Cyberattack

By

July 31, 2020

Criminals may have accessed private information from donors to at least 16 U.S. universities as part of a cyberattack on cloud computing company Blackbaud.

Hackers were unsuccessful in blocking access to Blackbaud files but did make a copy of a subset of data. Blackbaud paid a ransom to the criminals to destroy this information -- a move that is not encouraged by many law enforcement agencies, as ransom payments are thought to encourage further attacks.

U.S. Universities Affected by Blackbaud Data Security Breach Include:

Ambrose University

Auburn University Foundation

Bentley University

Des Moines University

Emerson College

Louisiana Tech University Foundation

Middlebury College

New College of Florida

Rhode Island School of Design

St. Mary’s College of Maryland Foundation

Texas Tech Foundation

University of Dayton

University of North Carolina System

University of North Florida

Ventura College Foundation

West Virginia University Foundation

Many higher education institutions and nonprofit organizations use Blackbaud platforms to manage donor databases. Data such as donors’ names, addresses and past philanthropic history may have been accessed in the attack, but not credit card information, bank account information and Social Security numbers, as these data are encrypted by Blackbaud.

More than 200 organizations internationally are thought to be impacted by the security breach, which was discovered by the company in May. The company began making disclosures to customers in July, according to reporting by the BBC.

Dozens of universities were impacted by the breach, many in Great Britain, the U.S. and Canada. “To respect the privacy of our customers, we are not providing the names of those that were part of this incident,” said Blackbaud in a statement. “The majority of our customers were not part of this incident.”

The company declined to share the total number of U.S. universities affected.