Breaches affect not only the company whose data was stolen, but also every company whose data they store, manage, or transmit, both directly and indirectly. By proactively using data protection technology, companies can prevent breaches from happening—and help minimize risk after breaches occur.
In May 2020, Blackbaud, a CRM/ERP tool widely used by higher education institutions and nonprofits around the world for fundraising, was breached. ZDNet reported that while Blackbaud stopped the attack before the hackers installed ransomware on the network, the hackers stole data from the cloud servers where customers save data files about donors, which typically include financial information and income data. Blackbaud made the decision to pay an undisclosed ransom amount to prevent the criminals from erasing the data.
In adherence with privacy regulations, Blackbaud recently notified each customer whose data was involved in the breach. However, their customers must also notify each donor whose information was potentially stolen. For example, the Labour Party in the UK used Blackbaud’s Raiser’s Edge platform for fundraising. UK leaders informed donors that, in addition to financial data, the Labour Party’s files included donors’ political opinions and views.
What to do if your company was involved in the Blackbaud Breach
Spirion has been hands-on in working with potentially affected Blackbaud customers, to help locate and remediate any data involved in the breach. By using Spirion, these customers can quickly determine their exposure and limit the impact.
We want to ensure that companies impacted by the Blackbaud Breach feel supported. Consider these four steps as you begin to navigate and explore the impact of the Blackbaud breach on your organization:
- Confirm directly with Blackbaud that your organization was in fact affected by the breach. If you’ve received an email saying that your organization has been affected by the Blackbaud breach, that isn’t enough to confirm your exposure — it could be from scammers posing as the potentially breached company in an effort to get your sensitive information. Don’t respond to potentially fake emails. Contact Blackbaud directly to confirm the breach.
- Confirm what types of data were affected in the breach. As part of your breach notification and reporting process it is important to validate the scope of affected data. Knowing which data types were affected will assist in the internal identification of the locations and controls currently in place. This will also assist in the accurate reporting of the scope of the breach.
- Contact your Blackbaud support representative and request the following:
• A copy of your organization’s databases for each product under license
• A copy of the database schema
- Identify scope of affected data and begin to formulate response. Leveraging a combination of the techniques outlined below, Spirion and native database tools, evaluate scope of breach and identify affected parties.
Your step-by-step guide to recovering from the Blackbaud Breach
To help current customers quickly resolve issues related to the breach, Spirion created a guide to walk you through the process of preparing your response and initiating recovery using Spirion Sensitive Data Manager. Whether you are a current customer or are interested to see how Spirion’s Sensitive Data Manager can save significant time and reduce reputation damage, download the “2020 Blackbaud Breach: Quantifying Organizational Risk and Preparing Your Response.”