Cloud software provider, Blackbaud, fell victim to a ransomware attack and decided to pay to avoid a release of data information.

The summary of the incident detailed by Blackbaud started in May when the company said it discovered and stopped a ransomware attack. Blackbaud describes itself as a provider of cloud software, services, expertise, and data intelligence that empower and connect people to drive impact for social good.

After discovering the attack, Blackbaud’s security team, along with independent forensics experts and law enforcement, successfully prevented attackers from fully encrypting files.

Before the discovery and blocking out of the bad guys, attackers “removed a copy of a subset of data from our self-hosted environment,” company officials said in a statement. “The cybercriminal did not access credit card information, bank account information, or social security numbers. Because protecting our customers’ data is our top priority, we paid the cybercriminal’s demand with confirmation that the copy they removed had been destroyed. Based on the nature of the incident, our research, and third party (including law enforcement) investigation, we have no reason to believe that any data went beyond the cybercriminal, was or will be misused; or will be disseminated or otherwise made available publicly.”

Schneider Bold

Blackbaud went on to explain the incident did not involve solutions in its public cloud environment (Microsoft Azure, Amazon Web Services), nor did it involve the majority of self-hosted environment.

Users who subsequently fell victim to the incident ended up notified and supplied with additional information and resources.

In defending its background, Blackbaud continued in its statement by saying, “independent reviewers have evaluated our program and determined that it exceeds benchmarks for both the financial and technology sectors. We follow industry-standard best practices, conduct ongoing risk assessments, aggressively test the security of our solutions, and continually assess our infrastructure. We are also a member of various Cyber Security thought leadership organizations, including: The Cloud Security Alliance and Financial Services Information Sharing and Analysis Center (FS-ISAC), where we team up with other experts to share best practices and tactical threat information for the Cyber Security community. We believe the strength of our cybersecurity practice and advance planning is the reason we were able to shut down this sophisticated ransomware attack.”

Blackbaud added they implemented changes to prevent this specific issue from happening again.

Click here for more information on Blackbaud’s ransomware release.


Pin It on Pinterest

Share This