Posted on July 25, 2020 at 12:21 PM
More than 20 universities and charity organizations in Canada, the US, and the UK have confirmed that they were affected by a recent cyberattack that infiltrated a software supplier.
In May, hackers held an infiltrated Blackbaud system and demanded a ransom, which was paid to the actors. The software vendor, based in the U.S, is the largest supplier of financial management, fundraising, and education software.
The extent of breach not revealed by Blackbaud
When Blackbaud confirmed the breach of its systems, the company did not reveal the level of compromise. But is appears tens of educational and charity organizations have been affected. Even when the company’s data was stolen, it took them weeks to inform the public. The company is currently facing backlash for taking such a long time to disclose very sensitive information to those affected.
In some instances, only the personal information of former students was affected. These alumni donated to their former schools to offer financial support to the projects in the school. And in other instances, the breach extended to existing students, the staff of the institution, as well as other supporters.
The universities and charity organizations affected by the breach include.
- Ambrose University, Alberta, Canada
- Cheverus High School: Catholic High School Portland
- Choir with No Name
- De Montfort University
- Human Rights Watch
- Loughborough University
- Middlebury College, Vermont
- New College of Florida
- Northwest Immigrant Rights Project
- Other organizations, including charities, confirmed as affected are:
- Oxford Brookes University
- Rhode Island School of Design, US
- The Bishop Strachan School, Canada
- The institutions the BBC has confirmed have been affected are:
- University College, Oxford
- University of Birmingham
- University of Exeter
- University of Leeds
- University of London
- University of North Florida
- University of Reading
- University of Strathclyde
- University of York
- Vermont Foodbank
- Vermont Public Radio
- West Virginia University
- Young Minds
The institutions are currently reaching out to those whose data has been compromised to apologize for the breach.
Also, the breached data included the donation history of the individual, their phone numbers, as well as the events they have attended in the institution.
The National Cybersecurity Center has been informed about the development, and it has begun an investigation.
“We are aware of this incident and are supporting partners in the UK and internationally in response,” a spokesperson from the security center stated.
Blackbaud tried to stop the attack
Blackbaud said the breach affected only a few customers, referring to a statement on its website stating how it was able to prevent an attack on its system. However, Blackbaud admitted that it was not completely successful in the prevention of the attack, as the actors successfully removed a subset of data from its database bank.
Blackbaud also admitted that it met the ransom demands of the hackers. Although paying the ransom is not illegal, it goes against the warnings of several law enforcement agencies, including Europol, NCA, and the FBI.
The software vendor also said that when the hackers received payment of the ransom, they confirmed that they have destroyed a copy of the stolen data.
Ransom payment will encourage more hackers
According to the chief information officer at cybersecurity company Nominet, Cath Goulding, it is disturbing that Blackbaud still went ahead to pay the hackers, despite numerous advice against it. In this case, the data could still be exposed despite the payment of the ransom. He further pointed out that the action will only encourage future attacks.
It’s not clear how many affected individuals have been notified about the breach. But some students and alumni of the affected institutions have been expressing their worries about the incident that left their personal information exposed. They are also concerned whether the cybercriminals will be true to themselves when they said they have destroyed the stolen data.