Although the attacker was expelled, it removed “a copy of a subset of data from our self-hosted environment." The cybercriminal did not access credit card information, bank account information, or social security numbers.” Blackbaud did not give the amount of payment, but said it “paid the cybercriminal’s demand with confirmation that the copy they removed had been destroyed.” Customers who were have affected have been notified and “supplied with additional information and resources”, it said. However, Blackbaud said the attack did not involves applications in its public cloud environment, “nor did it involve the majority of our self-hosted environment." The company said it follows security best practices, but it has implemented changes to prevent the specific threat from happening again.”Last modified on Thursday, 30 July 2020
BLACKBAUD PAID RANSOM FOR DATA Featured
Blackbaud paid ransomware attackers, the nonprofit software company said this month. Blackbaud said it discovered and stopped an attack in May and prevented it from blocking system access and fully encrypting files.