Blackbaud Data Breach
We were informed yesterday of a security incident at Blackbaud, our fundraising technology platform vendor. Blackbaud is one of the largest companies in its industry and serves non-profits around the globe. They informed us that at some point between February and May of this year, they experienced a ransomware attack described as a large operation that involved the data from multiple nonprofit organizations. Hopelink holds the privacy and security of donor information as a top priority and we are taking this incident very seriously. Blackbaud has stated that the cybercriminals did not obtain donor credit card or bank account information, because it was encrypted. Hopelink does not collect or keep social security numbers.
Blackbaud has stated that they believe the data affected in the ransomware attack has been destroyed and they have hired an external security team to monitor for evidence to the contrary. Data accessed in the attack may have included donor name and contact information, including telephone numbers, email addresses and mailing addresses, according to Blackbaud. The data may also have included a history of donors’ relationships with Hopelink, such as some donation dates and amounts.
Blackbaud has stated that they have no reason to believe there will be any public disclosure of data. With the safety of your information as our highest priority, Hopelink leadership has taken a very active role in working with Blackbaud to determine how this security breach occurred, and how to prevent it from happening again. Blackbaud’s official statement describes the incident in greater detail.
If you have any questions or would like further information, please contact Josalyn Ford at firstname.lastname@example.org.