WingNews logo WingNews
top | item 23949193

(no title)

omerhj | 5 years ago

The ACLU has been affected as well. From the email they sent out yesterday:

In all candor, we are frustrated with the lack of information we've received from Blackbaud about this incident thus far. The ACLU is doing everything in our power to ascertain the full nature of the breach, and we are actively investigating the nature of the data that was involved, details of the incident, and Blackbaud's remediation plans.

We are also exploring all options to ensure this does not happen again, including revisiting our relationship with Blackbaud.

discuss

order

amandahugg|5 years ago

Throwaway account - I am in charge of IT from one of the universities affected and am angry at how blackbaud has been so slow at communicating this to us. Even when we asked them the exact fields/data that was stolen they just gave us vague answers.

Our contract with them ends soon and we will definitely not be renewing when it’s up.

stordoff|5 years ago

Selwyn's statement notes much the same:

> On 16th July, Blackbaud informed us of a data security incident [...] they had been the victim of a ransomware attack between February and May 2020.

> Amongst the information that may been affected were the following[...]

> Blackbaud is unable to confirm precisely which individual records have been affected

https://www.selwynalumni.com/main-website-pages/blackbaud-da...

jacquesm|5 years ago

Such a breach could easily count as reason to annul the contract.

ramraj07|5 years ago

If even the ACLU doesn't sue this company for negligence I doubt any org will learn anything going forward.

geegeeteedo|5 years ago

Yeah. One thing which is glaringly obvious from the news reports is that there is no mention of blackbaud identifying the vulnerability and resolving it.

On the basis that A) Blackbaud did not inform it's customers promptly B) The vulnerability is potentially still out there so further data leaks can happen in the future

I think every single organisation using Raisers Edge needs to plan on a migration to a new system. A big and ugly task but I can't see how anyone would think it is responsible to keep their data stored with this organisation.

Not got a stake in it or anything but I work at a charity who use Microsoft D365 (which for charities is dirt cheap) and we are feeling very relieved that we did not decide to use Raisers Edge.