Westminster College Home > About Westminster College in Missouri > Offices and Services > Department of Information Technology > Blackbaud Incident

Blackbaud Incident

Blackbaud, a constituent relationship management service that is widely used by nonprofits throughout the world for record-keeping purposes, discovered and halted a ransomware attack involving many of its clients, including Westminster College. More than 200 organizations internationally are thought to be impacted by the security breach. After discovering the attack, Blackbaud’s cybersecurity team, together with independent forensics experts and law enforcement, including the FBI, blocked the cybercriminals from doing additional damage. The cybercriminals, however, successfully removed a back-up copy of files containing some personal information of various members of our Westminster community. This breach occurred no earlier than Feb. 7, 2020, with the cybercriminals possibly accessing data intermittently until May 20, 2020.

Information obtained could have included data on those in our Westminster database such as name, date of birth, contact information, degree information, and Westminster giving history. According to Blackbaud, no credit card data, Social Security numbers, passwords, or bank account information was compromised in this breach, as this information was encrypted. Westminster College is conducting its own review of the information provided by Blackbaud.

 

FAQs About Blackbaud

Blackbaud is a constituent relationship management service that is widely used by nonprofits throughout the world, including colleges and universities, for record-keeping purposes.
Like many colleges and universities, Westminster College contracts with Blackbaud for constituent relationship management services. At Westminster, this system is used in the Departments of Institutional Advancement and Alumni Engagement to record data pertaining to members of the Westminster community.
Blackbaud discovered and put a halt to a ransomware attack involving more than 200 of its clients throughout the United States, Britain, and Canada, including Westminster College. After discovering the attack, Blackbaud’s cybersecurity team, together with independent forensics experts and law enforcement, including the FBI, blocked the cybercriminals from doing additional damage. The cybercriminals, however, successfully removed a back-up copy of files containing some personal information of individuals at approximately 200 organizations, including individuals within the Westminster community. Blackbaud paid the cybercriminals a ransom to ensure the backup file was permanently destroyed. This breach occurred no earlier than Feb. 7, 2020, with the cybercriminals possibly accessing data intermittently until May 20, 2020. Please read Blackbaud’s notice for more specifics.
It’s important to note that, according to Blackbaud, the cybercriminals did not access credit card information, bank account information, or Social Security numbers. Blackbaud has further stated that this information if stored on Blackbaud systems, is secured using encryption technologies. However, it is our understanding the affected data may have included constituents’ contact information, demographic information, and a history of their relationship with the College. We continue to work diligently to review Blackbaud’s information concerning this incident.
Upon receiving notification of the security breach, Westminster College immediately conducted an internal investigation to go above and beyond Blackbaud’s blanket notification in order to isolate any potential beaches of sensitive information concerning the Westminster community. We further conducted a targeted investigation to examine Blackbaud’s methodology and practices regarding the attack, soliciting multiple requests for responses from the company on behalf of the College. Overall, the information provided by Blackbaud was limited.
Ensuring the safety of our constituents’ data is of the utmost importance to us. As mentioned above, we immediately launched our own investigation and have taken the following steps:

  1. We are notifying you so that you are aware of this breach of Blackbaud’s systems and can remain vigilant. 
  2. We are pressing Blackbaudto to provide more details on the size, scope, and depth of the breach as it relates to their clients in the higher education and nonprofit sectors.
  3. We are working with Blackbaudto understand why there was a delay between finding the breach and notifying us, as well as any additional actions Blackbaud has taken to increase their security.
As a best practice, we recommend you remain vigilant and promptly report any suspicious activity or suspected identity theft to us and to the proper law enforcement authorities such as the Federal Trade Commission and the Office of the Missouri State Attorney General.

Next Steps

We recommend that you place a fraud alert on your credit file. A fraud alert tells creditors to contact you before they open any new accounts or change your existing accounts. To do so, call any one of the three major credit bureaus listed below. As soon as one credit bureau confirms your fraud alert, the others are notified to do the same. The initial fraud alert stays on your credit report for one year. You can renew it after one year.

Equifax: equifax.com (link is external) or 1-800-685-1111

Experian: experian.com (link is external) or 1-888-397-3742

TransUnion: transunion.com (link is external) or 1-888-909-8872

Request that all three credit reports be sent to you, free of charge, for your review. Even if you do not find any suspicious activity on your initial credit reports, the Federal Trade Commission (FTC) recommends that you check your credit reports periodically. Thieves may hold stolen information to use at different times. Checking your credit reports periodically can help you spot problems and address them quickly.

If your personal information has been misused, visit the FTC’s site at IdentityTheft.gov to receive recovery steps and to file an identity theft complaint. Your complaint will be added to the FTC’s Consumer Sentinel Network, where it will be accessible to law enforcers for their investigations.

You also may want to consider contacting the major credit bureaus at the telephone numbers above to place a free credit freeze on your credit file. A credit freeze means potential creditors cannot access your credit report. That makes it less likely an identity thief can open new accounts in your name.

In addition, you may consider downloading a copy of Identity Theft: A Recovery Plan, a comprehensive guide from the FTC to help you guard against and deal with identity theft.

If you have questions, please contact Jeni Whittington, Director of Advancement Services, at 573-592-6216 or Jeni.Whittington@WCMO.edu.