Blackbaud Data Breach – Class Action Investigation

CSK&D is investigating a potential data breach class action related to a reported breach affecting Blackbaud, Inc.. Blackbaud is a cloud computing provider, serving as an administrator for storing sensitive customer data for a large range of different organizations including nonprofits, foundations, educational institutions, healthcare providers, etc. Its customer base includes more than 25,000 organizations in more than 60 countries.

On July 16, 2020, the Company disclosed that it had been the victim of a ransomware attack in May 2020. The Company described that hackers had breached their network and installed ransomware that had locked the company’s customers out of their data and servers. Before being pushed off the server, the cyberhackers managed to steal a subset of sensitive customer data stored on this server and threatened to expose the data unless the Company paid a ransom demand. Blackbaud ended up paying the sum, and they allegedly trust that the hackers destroyed the data. Nevertheless, organizations whose data was taken had to incur the time and expense of providing notification to their donors/customers/clients/etc, that their data was exposed.

If your organization uses BlackBaud’s services and received notification that its information was involved in the breach, we would like to here from you.