Currently, the cybersecurity discourse is consumed with talk about the revelations surrounding the Blackbaud ransomware attack. What happened? What lessons can enterprises learn from it? What might the fallout of the Blackbaud ransomware attack entail?
Here are the facts. Blackbaud, a cloud software supplier, suffered a ransomware attack that took place over the course of several months and was only discovered in May. Upon discovery, Blackbaud decided to pay the ransomware attackers, a move considered unwise by cybersecurity experts.
Then, the supplier waited two months before initially disclosing the attack to the public. In its original statement, Blackbaud stated that its security team mitigated the damage and expelled the attackers. Additionally, it claimed it paid off the hackers to protect its clients, and that the hackers did not access sensitive data. However, it acknowledged that hackers did copy a subset of client data.
In a new regulatory filing, Blackbaud admitted that hackers did steal sensitive data from some customers, including bank account information and social security numbers. Breached information also includes passwords and usernames, although the company believes credit card information was not affected. The affected information may not have been encrypted prior to the attack.
Blackbaud’s clients include numerous universities as well as several charities in the U.S. and the U.K.