August 31, 2020
Blackbaud Data Breach - May Have Affected Inglis
Blackbaud Ransomware Attack
Here at Inglis, we value our incredible community above all else and we take the protection and proper use of our community’s information very seriously. In complete transparency, and as a precautionary measure, we are providing the following information regarding a data security incident with one of Inglis’ third-party service providers, Blackbaud.
Blackbaud, one of the world’s largest software and cloud hosting solutions, reports that a ransomware attack occurred within the Blackbaud environment between February 7, 2020 and May 20, 2020. While Blackbaud stated that they took quick action, Blackbaud has indicated that a subset of data was removed from their environment. Many of Blackbaud’s thousands of clients worldwide were effect. Based on the notification provided by Blackbaud, Inglis’ data may have been included.
Blackbaud shared that they paid the cybercriminal’s demand with confirmation that the copy they removed had been destroyed. Blackbaud states that based on the nature of the incident, their research, and third party investigations (including by law enforcement), there is no reason to believe that any data went beyond the cybercriminal, was or will be misused, or will be disseminated or otherwise made available publicly. Inglis has no way to independently verify this.
According to Blackbaud, no credit card or bank information stored within the system was affected because it is encrypted. In addition, Personal Health Information for those we serve was not affected. However, the file removed may have contained personal and contact information as well as the history of one’s relationship with Inglis, such as donation dates and amounts.
Inglis is deeply disappointed by this incident and, while Blackbaud is responsible, we sincerely regret any inconvenience it may cause. For further questions or concerns regarding this matter, please contact us at firstname.lastname@example.org.
Read Blackbaud’s full statement on the incident here: https://www.blackbaud.com/securityincident
As a best practice, we recommend you remain vigilant and promptly report any suspicious activity or suspected identity theft to the proper law enforcement authorities.
We recommend that you consider taking the following steps as a precautionary measure.
- Register a fraud alert with the three credit bureaus listed here:
- Experian: (888) 397-3742; www.experian.com; PO Box 9532, Allen, TX 75013
- TransUnion: (800) 680-7289; www.transunion.com; Fraud Victim Assistance Division, PO Box 6790, Fullerton, CA 92834-6790
- Equifax: (800)525-6285; www.equifax.com; PO 740241, Atlanta, GA 30374-0241
- Order credit reports: Everyone may obtain a free copy of their credit report once every 12 months by either visiting www.annualcreditreport.com, calling toll free at 1-877-322-8228 or by completing an Annual Credit Report Request Form.
- Monitor account statements and credit bureau reports closely
Contact the Pennsylvania Bureau of Protection; 15th Floor, Strawberry Square, Harrisburg, PA 17120; 717-787-9707; 800-441-2555 (Toll-Free Helpline)