657,392 Northern Light Health Foundation Donors Affected by Blackbaud Cyber Attack

The 10-hospital integrated healthcare system known as Northern Light Health Foundation, which is based in Brewer, ME, has stated that the recent ransomware attack on Blackbaud Inc. has affected its databases.

The affected databases contained the information of donors, prospective donors, and people who may have joined a fundraising event previously. Patient medical data were stored separately and were not impacted. The databases included information about 657,392 individuals.

Blackbaud based in South Carolina is one of the world’s largest providers of education, fundraising, administration, and financial management software. A firm as big as Blackbaud is clearly targeted by cybercriminals. Blackbaud mentioned it experiences hundreds of attacks per month but its cybersecurity staff efficiently defends the firm against those attacks, though in May 2020 an attack prevailed.

The ransomware attack may have been a lot worse. Blackbaud discovered the ransomware attack immediately and took action to prevent the attack. Blackbaud had stopped the ransomware from totally encrypting its records, and just a subset of the firm’s 25,000+ clients was affected. The attack failed to impact its cloud system and the bulk of its self-hosted environment was not affected.

As is right now typical in manual ransomware attacks, prior to encryption of files, the attackers exfiltrated data. Blackbaud stated in a breach notice that the attackers just copied a subset of data and did not steal highly sensitive information such as bank account information, Social Security numbers, and credit card information.

Because safeguarding customers’ information is Blackbaud’s main priority, the firm paid the cybercriminal’s ransom demand with the assurance of deleting the copied information. According to the findings of the investigation, it is thought that the cybercriminal held no information, and will not misuse, disseminate, or make it accessible to the public.

It is presently uncertain how many Blackbaud clients were impacted by the ransomware attack. Northern Light Health Foundation stated in its breach notice that it was impacted. A number of other healthcare companies in Maine stated the same. Other healthcare companies identified to have been impacted were the Cancer Research Institute based in New York City and the Prostate Cancer Foundation based in Santa Monica, CA.

The BBC states that no less than 10 universities in the UK, Canada, and the US were impacted, which includes Emerson College in Boston, Rhode Island School of Design, and Harvard University, together with charities, media companies, and a number of private-sector firms. Although the attack took place in May 2020, the affected clients did not receive notices until July 16, 2020. It is not clear why alerting the impacted clients was late, particularly considering plenty of those clients are based in the EU. The EU General Data Protection Regulation (GDPR) necessitates the sending of notices to data protection government bodies in 72 hours of a breach incident. Data controllers must likewise be informed quickly.