Notice of Data Breach
Seattle Parks Foundation was recently notified by Blackbaud, Inc., one of our third-party service providers, and one of the world’s largest providers of customer relationship management software, of a security incident. At this time, we understand they discovered and stopped a ransomware attack. After discovering the attack, Blackbaud’s Cyber Security team—together with independent forensics experts and law enforcement— successfully prevented the cybercriminal from blocking their system access and fully encrypting files; and ultimately expelled them from their system. Prior to locking the cybercriminal out, the cybercriminal removed a copy of our backup file containing your personal information. This occurred at some point beginning on February 7, 2020 and could have been in there intermittently until May 20, 2020.
What Information Was Involved
It’s important to note that the cybercriminal did not access credit card information, bank account information, or social security numbers. However, Blackbaud has determined that the file removed may have contained Seattle Park Foundation’s donor and partner names, addresses, and giving records/histories.
Blackbaud paid the cybercriminal’s demand with confirmation that the copy they removed had been destroyed. Based on the nature of the incident, Blackbaud’s research, and third party (including law enforcement) investigation, Blackbaud has no reason to believe that any data went beyond the cybercriminal, was or will be misused, or will be disseminated or otherwise made available publicly.
What We Are Doing
We are notifying you so that you can take immediate action to protect yourself. Ensuring the safety of our constituents’ data is of the utmost importance to us. As part of their ongoing efforts to help prevent something like this from happening in the future, Blackbaud has already implemented several changes that will protect your data from any subsequent incidents. First, their teams were able to quickly identify the vulnerability associated with this incident, including the tactics used by the cybercriminal, and took swift action to fix it. Blackbaud confirmed through testing by multiple third parties that their fix withstands all known attack tactics. Additionally, they are accelerating their efforts to further harden their environment through enhancements to access management, network segmentation, deployment of additional endpoint and network-based platforms.
What You Can Do
As a best practice, we recommend you remain vigilant and promptly report any suspicious activity or suspected identity theft to Blackbaud and to the proper law enforcement authorities such as the Federal Trade Commission, and the Office of the Washington State Attorney General.