Back to Insights

Blackbaud Hack – Globally One More Ransomware Attack

Cyber security 08/05/2020 - 12:13 by Ruchika Tyagi

Global Ransomware Attacks - Blackbaud Hack

Hackers are getting smarter day by day. Every day we hear news on breaches or cyberattacks on a small scale or at a mass scale. Last month we heard of the Twitter attack and this time it’s a ransomware attack on Blackbaud, a US-based company – the largest provider of CRM.

Blackbaud is the largest provider of education, administration, fundraising, and financial management software platform.

Blackbaud was hacked in May 2020. Blackbaud released a statement that before locking cybercriminals out, the cybercriminals copied some of the data from their self-hosted environment.

As per the reports published by BBC, stolen data included phone numbers, donation history, and events attended. Payment details like credit cards do not appear to have been exposed. Also, the data is not limited to former students who were financially supporting the institution but also to its staff, existing students, and other supporters.

Which organizations are affected by the Blackbaud hack?

As per BBC reports educational institutions which are affected are:

  1. University of Birmingham, De Montfort University
  2. University of Strathclyde
  3. University of Exeter
  4. University of York
  5. Oxford Brookes University
  6. Loughborough University
  7. University of Leeds
  8. University of London
  9. University of Reading
  10. University College, Oxford
  11. Middlebury College, Vermont
  12. West Virginia University
  13. New College of Florida
  14. Cheverus High School: Catholic High School Portland
  15. The Bishop Strachan School, Canada
  16. University of North Florida
  17. Ambrose University, Alberta, Canada
  18. Rhode Island School of Design, US

Non-Profit organizations such as charities are affected:

  1. Choir with No Name
  2. Vermont Foodbank
  3. Vermont Public Radio
  4. Northwest Immigrant Rights Project
  5. Human Rights Watch
  6. Young Minds
  7. National Trust
  8. Wallich and Crisis
  9. Sue Ryder

As per the BBC, the UK’s ICO has informed that 125 organizations had reported to it for the Blackbaud attack. Maybe many more charities or educational organizations may have been affected.

How is privacy law affected and what is its impact?

Under the General Data Protection Regulation (GDPR), organizations must report a significant breach to a relevant supervisory authority within 72 hours of becoming aware of the breach or face potential fines. There will be 2 levels of fines based on the breach. The minimum fine is up to €10 million or 2% of the company’s company’s global turnover and the maximum fine is up to €20 million or 4% of the global turnover

If a breach has a significant impact then the organization must notify the Information Commission Officer (ICO) within 24 hours. And also notify the users if they are likely to be affected.

Blackbaud informed The UK’s ICO and Canadian data authorities about the data breach at least 8 weeks after discovering the cyber-attack. This means a clear violation of the GDPR.

The GDPR applies in this case because UK students are among those affected, and they are still covered by all the regulations until the Brexit transition ends on 31st Dec 2020.

All the institutions are sending emails & letters apologizing to those on the compromised breaches.

Actions are taken by Blackbaud:

As per the reports Blackbaud has paid an undisclosed ransom demand to save the customer’s data. After this, they released a statement that they had paid the hackers, and hackers confirmed that the data they had had been destroyed.

Paying the ransomware money is not illegal in the US & UK but it is against the advice of numerous law enforcement agencies such as the FBI, NCA, and Europol.

Blackbaud also said that it is working with law enforcement agencies and 3rd party investigators to check whether the data is on the dark web.

But questions persist about ransomware attacks and whether you can trust a cybercriminal.

Conclusion

Ransomware gangs are now focussing on corporate networks, where they get an initial foothold and steal the victim’s data before encrypting the local files. Victims are then forced to pay a ransom demand- either for unlocking or decrypting the files or for preventing their stolen data from being published on the internet.

Ransomware attacks are on the rise, especially as the Covid-19 pandemic continues. As part of due diligence before working with any provider, you should check that the provider must have adequate technical and organizational measures in place to defend against a ransomware attack.

How Teceze can help you?

Teceze has architectured cyber security practices with a dedicated team of professionals. We follow industry-standard best practices, evaluate ongoing risk assessments, and regularly test the security of our solutions. We make sure to provide the Managed IT services from a secured 24*7 Security operations center. Our expert cybersecurity team successfully defends against cyber threats while continuously learning the landscape to stay ahead.

The only way to protect what you’ve worked hard to build is to be vigilant when it comes to cybersecurity. If you’d like to know more about how your business can benefit from managed services, just give us a call, we are here to help.

Blackbaud, is the world's largest providers of financial and fundraising technology to nonprofits, was hacked and paid a ransom to have the hijacked data.