The OutCare Foundation is notifying our donors of a data security incident at Blackbaud, the third-party company housing our donor database.
We are confident that Blackbaud has effectively addressed the issue, however, we wanted donors to be aware of the incident and the steps that have been taken to address the incident.
We are confident Blackbaud has taken appropriate action and has put in place measures to increase protection and security for our donor information. There is no need for our donors to take any action at this time. However, we encourage our donors to be ever vigilant regarding their personal data and notify authorities should they discover anything out of the ordinary.
We want to assure you that we take every precaution to protect your personal data. To that end, we rely on those third-party providers and their expertise. While we continue to interact with Blackbaud regarding this incident, we remain confident that it has been it has been effectively resolved.
You can read a copy of the letter we received from Blackbaud below.
Should you have any questions, please feel free to contact our office 613- 232-2273, email@example.com.
(copy of letter from Blackbaud – July 17, 2020)
We are writing to notify you about a particular security incident that recently occurred.
The Cybercrime industry represents an over trillion-dollar industry that is ever-changing and growing all the time—a threat to all companies around the world. At Blackbaud, our Cyber Security team successfully defends against millions of attacks each month and is constantly studying the landscape to ensure we are able to stay ahead of this sophisticated criminal industry. In May of 2020, we discovered and stopped a ransomware attack. In a ransomware attack, cybercriminals attempt to disrupt the business by locking companies out of their own data and servers. After discovering the attempted attack, our Cyber Security team—together with independent forensics experts and law enforcement—successfully prevented the cybercriminal from blocking our system access and fully encrypting files; and ultimately expelled them from our system.
Prior to our locking the cybercriminal out, the cybercriminal removed a copy of a subset of data from our self-hosted environment. The cybercriminal did not access credit card information or bank account information. Because protecting our customers’ data was our top priority, we paid the cybercriminal’s demand with confirmation that the copy they removed had been destroyed.
Based on the nature of the incident, our research, and third party (including law enforcement) investigation, we have no reason to believe that any data went beyond the cybercriminal, was or will be misused; or will be disseminated or otherwise made available publicly. In accordance with regulatory requirements and in an abundance of caution, we are notifying all organizations whose data was part of this incident and are providing resources and tools to help them assess this incident.
And again, based on the nature of the incident, our research, and third party (including law enforcement) investigation, we have no reason to believe that any data went beyond the cybercriminal, was or will be misused; or will be disseminated or otherwise made available publicly. We have hired a third-party team of experts to monitor the dark web as an extra precautionary measure.
We understand this situation is frustrating. This was a very sophisticated attack, and while we were able to defend against it for the most part, we realize this is still requiring that you invest time to review the situation, and that you may need to invest time to take follow-up actions. We apologize for this and will continue to do our very best to supply help and support as we and our customers jointly navigate any necessary response to the cybercriminal’s actions.
Chief Information Officer