Blackbaud Faces Criticism for Paying Ransom in Data Breach

Blackbaud Faces Criticism for Paying Ransom in Data Breach

by | Aug 10, 2020

Every organization, no matter how noble its cause, is at risk for data breach threats. Blackbaud, a cloud computing provider that focuses on serving the social good community – including non-profits, educational institutions, healthcare organizations and religious organizations – reports encountering millions of cyberattacks every month. While the company implements proactive security measures to prevent, detect and eliminate cyber threats, it recently discovered a successful ransomware attack that exposed some of its client data.

The Blackbaud clients affected in the data breach are educational and non-profit organizations such as the University College Oxford, the University of London, Human Rights Watch and Young Minds, to name a few. Law enforcement, forensic experts and Blackbaud’s own security team managed to stop the attack. However, the cybercriminals still managed to remove a copy of a subset of data from Blackbaud’s self-hosted environment that included names, student IDs, contact information and other personal.

Blackbaud officials said no personal information or payment information were exposed during the breach. They did confirm they paid an undisclosed ransom to have the stolen data destroyed by the cybercriminals.

Critics are questioning whether giving into the cybercriminal’s demands is an effective way to deal with cybercriminals.

Is rewarding cybercriminals for successfully stealing company data an effective solution?

In this case, Blackbaud officials said they bought “peace of mind” by paying for stolen data to be destroyed. However, critics have said this might make Blackbaud an easy target for future attacks. They added it also is essentially creating a “demand” for hackers.

Premier Credit Monitoring.

Receive premier credit monitoring and identity theft insurance for you and your family with our MAX plan.**

*Source: Fair Isaac Corporation.

**Underwritten by AIG.

FICO is a registered trademark of the Fair Isaac Corporation in the United States and other countries.

Copyright © 2024 IDIQ® provider of MyScoreIQ® services | All Rights Reserved

Follow us on social