657,392 Northern Light Health Foundation Donors Impacted by Blackbaud Ransomware Attack

The 10-hospital integrated healthcare system called Northern Light Health Foundation, which is located in Brewer, ME, has reported that the latest ransomware attack on Blackbaud Inc. has impacted its databases.

The impacted databases held the data of donors, would-be donors, and persons who might have gone to a fundraising event before. Patient medical information was kept separately and was not affected. The databases comprised the data of 657,392 people.

Blackbaud in South Carolina is one of the biggest companies providing education, fundraising, financial management, and administration software programs. An organization as great as Blackbaud is obviously hunted by cybercriminals. Blackbaud stated it runs into numerous attacks every month but its cybersecurity group excellently protects the corporation against those cyberattacks, even though in May 2020 one attack became successful.

The ransomware attack might have been much worse. Blackbaud became aware of the ransomware attack fairly quickly and took steps to stop the attack. Blackbaud had held back the ransomware from completely encrypting its data, and merely a part of the corporation’s 25,000+ customers was impacted. The attack didn’t have an effect on its online system and most of its self-hosted environment was not impacted.

As is currently well-known in manual ransomware attacks, before encryption of records, the attackers exfiltrated information. Blackbaud explained in its breach notice that the attackers merely copied a part of the information and didn’t steal highly sensitive data including bank account details, Social Security numbers, and credit card data.

Since securing customers’ records is Blackbaud’s number one priority, the company gave the cybercriminal’s demand with a guarantee of destroying the copied data. Based upon the result of the investigation, it is assumed that the cybercriminal had no information, and will not misuse, share, or make it available publicly.

It is at present not clear how many Blackbaud clients were affected by the cyberattack. Northern Light Health Foundation mentioned in its breach notice that it was affected. A few other healthcare institutions in Maine claimed the same. Other healthcare institutions discovered to have been affected include the Cancer Research Institute in New York City and the Prostate Cancer Foundation in Santa Monica, CA.

The BBC reports that around 10 universities in the UK, US, and Canada were affected, such as Emerson College in Boston, Harvard University, and the Rhode Island School of Design, as well as charities, media organizations, and a bunch of private-sector corporations. Though the attack happened in May 2020, the impacted clients did not get notifications until July 16, 2020. It is uncertain why notifying the affected clients was delayed, especially considering a lot of those clients are from the EU. The EU General Data Protection Regulation (GDPR) calls for the issuance of notifications to data protection regulating authorities within 72 hours of a breach occurring. Data controllers should also be notified immediately.