UW-PARKSIDE RESPONDS TO BLACKBAUD NOTIFICATION
UW-PARKSIDE RESPONDS TO BLACKBAUD NOTIFICATION
On July 16th, UW-Parkside and the UW-Parkside Foundation were notified of a data security incident by Blackbaud, the engagement and fundraising software provider that we use. Blackbaud informed us and hundreds of other client nonprofit organizations and educational institutions that Blackbaud had been the target of a ransomware attack. We are sharing this information as a precautionary measure to share what Blackbaud has told their customers about the incident.
Blackbaud informed us that they discovered and stopped the ransomware attack in May 2020. During this incident the cybercriminal removed a copy of a backup file containing information from many organizations. According to Blackbaud, they paid the cybercriminal’s ransom to destroy the copy of the backup file. A detailed explanation is available on Blackbaud’s website.
What Information Was Involved
As reported by Blackbaud, credit card and bank account information and social security numbers are encrypted in their systems and were not compromised in this incident. We have determined, however, that the backup file accessed by the cybercriminal contained alumni and donor contact information, demographic information, and donation histories.
Based on the nature of the incident and third party (including law enforcement) investigation, we have no reason to believe that any data from UW-Parkside or the UW-Parkside Foundation went beyond the cybercriminal, was or will be misused, or will be disseminated or otherwise made available publicly. Nevertheless, Blackbaud has hired a third-party security service to perform dark web monitoring for such activity. Blackbaud has assured us that they have taken the necessary steps to protect their systems from any subsequent incidents.
What We Are Doing
UW-Parkside takes the protection and proper use of your information very seriously. It’s important to restate that, according to Blackbaud, the cybercriminal did NOT access credit card information, bank account information, or social security numbers. Blackbaud has further stated that this information, if stored on Blackbaud systems, is secured using encryption technologies.
Ensuring the security of your data is our top concern, which is why we’re letting you know about this incident. Blackbaud informed us that they identified the vulnerability associated with this incident, took swift action to fix it, and are further enhancing their security controls. Following notification from Blackbaud, UW-Parkside immediately began working with University of Wisconsin System information security personnel and legal counsel to review the data stored in the University/Foundation’s Blackbaud environments and assess the potential impact on our constituents. We will continue to monitor this incident and provide any updates that may impact your personal information.
What You Can Do
Although there is currently no evidence that your information is compromised or will be misused, as a best practice, we recommend you remain vigilant and promptly report any suspicious activity to the Wisconsin Attorney General’s Office.
If further information about the incident becomes available and we believe anyone may have been directly affected, we will follow up with those individuals. Please be assured that we take data protection very seriously and we are grateful for your continued support and engagement.
For More Information
We take this incident seriously and regret any concern it may cause. If you have further questions, please do not hesitate to contact the Office of University Advancement at development@uwp.edu.