Blackbaud Details

    Organization Logo

    Blackbaud

    Charleston, South Carolina employees • Technology

    Industry

    Technology

    Security Incidents

    1

    Blackbaud, Inc. is a cloud computing provider that serves the social good community—nonprofits, foundations, corporations, education institutions, healthcare organizations, religious organizations, and individual change agents.

    Security Incidents

    Blackbaud Breach of May 2023
    Severity Score
    Significant to High

    Type

    Unknown

    Summary

    In May 2020, Blackbaud, a software company, experienced a significant ransomware attack that resulted in the compromise of private information from 13,000 organizations, including nonprofits, universities, and hospitals. During the attack, threat actors accessed unencrypted Social Security numbers, bank account details, and login credentials, prompting Blackbaud to pay a ransom of 24 bitcoins (approximately $250,000). The company faced criticism for initially downplaying the incident’s severity in their disclosures to customers and investors. Regulatory bodies, including the SEC and the Califo...
    Show more

    Severity

    The incident involving Blackbaud, Inc. is a severe example of a cybersecurity breach with widespread implications. Poor security practices led to the exposure of highly sensitive data, including Social Security numbers and bank account information, impacting millions of consumers and around 13,000 institutions. The company not only succumbed to a ransomware attack and paid a ransom of $250,000 but also failed to implement basic security measures post-attack and misled the public about the extent of the breach. Given these factors, the severity of the incident can be rated as a "Significant to ...
    Show more

    Impact

    The ransomware attack on Blackbaud had a profound impact, primarily due to the exposure of highly sensitive information belonging to millions of individuals, including Social Security numbers, bank account details, and login credentials. This breach significantly disrupted the operations of numerous organizations, ranging from nonprofits to universities and hospitals. Although specific systems were not notably reported as taken offline, the incident highlighted severe deficiencies in Blackbaud’s security practices and their subsequent misleading communications regarding the breach's extent. Co...
    Show more

    KEEP YOUR ENVIRONMENT SECURE

    Weak credentials are the leading cause of breaches. Beyond Identity can help.

    See MFA exploits in action
    Watch how adversaries exploit companies in quick videos