Blackbaud Data Security Incident
1. What happened?
On July 16, 2020, a third-party vendor, Blackbaud, informed The Task Force that Blackbaud suffered a ransomware attack in May 2020, which may have resulted in unauthorized access to certain information maintained by Blackbaud. Upon learning of this event, The Task Forcce immediately commenced an investigation to determine what, if any, The Task Force data was impacted. Please know that we take this incident and the security of our donors’ information very seriously. We are diligently working to determine the full nature and scope of this incident, as well as confirm whether and what Task Force data may be involved.
2. When did The Task Force discover that this happened?
On July 16, 2020, our third-party vendor, Blackbaud, informed us that it experienced an attempted ransomware attack in May 2020. We immediately began an investigation to determine how this incident impacts The Task Force, and our investigation is ongoing. Please know we take the security of information very seriously and are diligently working to learn more about this incident.
3. Who is Blackbaud and do they have my personal information?
Blackbaud is a cloud-computing provider that offers customer relationship management and financial services tools, focusing on the non-profit sector. The Task Force uses Blackbaud primarily for these services, including managing our donor information and our accounting services. While Blackbaud does store certain The Task Force information, we are currently working to confirm what, if any, of this information was impacted by Blackbaud’s ransomware event.
4. What information of mine was potentially accessed?
The Task Force is actively investigating what, if any, information was potentially impacted by Blackbaud’s ransomware event. While our investigation is ongoing, to date, Blackbaud advised that no credit card information was included in the impacted files, and that no bank account information, usernames, passwords or Social Security numbers were accessible to the unauthorized actor. Moreover, Social Security numbers are not stored by The Task Force in this system.
The Task Force understands, however, from the information provided by Blackbaud, that certain financial-giving records were included among the data potentially impacted by the recent incident. Such records could include donors’ names, physical addresses, phone numbers, birthdates, and donor profile information, such as donors’ real estate asset holdings, or giving history. We continue to investigate this incident and can provide additional updates as necessary.
5. What is The Task Force doing to prevent this from happening again?
The Task Force is currently investigating the nature and scope of this incident and will work with Blackbaud to evaluate additional measures and safeguards to protect against this type of incident in the future.
6. Why did it take so long to notify me?
Blackbaud was advised by law enforcement not to begin notifying customers of the incident until the investigation of the extent of the breach was complete. The Task Force continues to seek information from Blackbaud regarding its investigation and response to this incident, including why The Task Force and other customers were not notified sooner. However, upon receiving initial notification from Blackbaud on July 16, 2020, The Task Force immediately responded and launched an investigation to determine the extent to which The Task Force data may be impacted. Our initial investigation and response efforts were required to ensure the accuracy of the information provided to you. The Task Force then moved to notify those whose information may be impacted.
7. What should I do?
While this event did not involve any disclosure of your Social Security number or financial account details, The Task Force encourages everyone to be vigilant in monitoring for phishing or other social engineering campaigns from sources that may appear to be The Task Force. When donating to The Task Force, please be sure that any web sites are authentic (taskforce.org). Please do not hesitate to reach out if you have a question about the legitimacy of any communication you receive from a source that appears to be The Task Force.
While there is no evidence of misuse of the information involved in this event, the following are best practices to take as a result of any data security event:
Monitoring your financial statements carefully. If you see any unauthorized or suspicious activity, promptly contact your bank, credit union, or credit card company.
Monitoring your credit reports for suspicious or unauthorized activity. Under U.S. law you are entitled to one free credit report annually from each of the three major credit reporting bureaus. To order your free credit report, visit www.annualcreditreport.com or call, toll-free, 1-877-322-8228. You may also contact the three major credit bureaus directly to request a free copy of your credit report:
P.O. Box 9554
Allen, TX 75013
P.O. Box 2000
Chester, PA 19106
P.O. Box 105069
Atlanta, GA 30348
Placing a fraud alert on your credit file. You have the right to place an initial or extended “fraud alert” on your file at no cost. An initial fraud alert is a 1-year alert that is placed on a consumer’s credit file. Upon seeing a fraud alert display on a consumer’s credit file, a business is required to take steps to verify the consumer’s identity before extending new credit. If you are a victim of identity theft, you are entitled to an extended fraud alert, which is a fraud alert lasting seven years. Contact the three major credit bureaus directly to place a fraud alert on your credit file.
Placing a security freeze on your credit file. A security freeze will prohibit a consumer reporting agency from releasing information in your credit report without your express authorization. The security freeze is designed to prevent credit, loans, and services from being approved in your name without your consent. However, you should be aware that using a security freeze to take control over who gets access to the personal and financial information in your credit report may delay, interfere with, or prohibit the timely approval of any subsequent request or application you make regarding a new loan, credit, mortgage, or any other account involving the extension of credit. Pursuant to federal law, you cannot be charged to place or lift a security freeze on your credit report. Contact the three major credit bureaus directly to place a security freeze on your credit file.
Contacting the Federal Trade Commission and your state Attorney General to learn more about identity theft, fraud alerts, security freezes, and other steps you can take to protect yourself.
The Federal Trade Commission can be reached at:
600 Pennsylvania Avenue NW,
Washington, DC 20580
Reporting incidents of suspected or actual identity theft or fraud to law enforcement, the Federal Trade Commission, and your state Attorney General.
8. Was law enforcement notified?
Yes, Blackbaud reports that they notified the FBI and are cooperating with the FBI’s investigation. They report that they are unable to share further details because the investigation is ongoing.
9. Is Credit Monitoring being offered?
Credit monitoring is not being offered as this event did not impact Social Security numbers. While there is no evidence of misuse of the information involved, credit monitoring would safeguard or monitor for misuse of the information impacted by this event.
For further questions and concerns, please contact:
William P. Nichols
Executive Vice President/Chief Operating Officer
The Task Force for Global Health
325 Swanton Way
Decatur, GA 30030