Blackbaud admits bank account details were lost in May data breach
Cloud firm faces growing backlash and potential legal action in the US following cyber attack over the summer
Bank account information was among the data exposed during a hack on software provider Blackbaud, despite previous assurances that the incident was limited to "other types" of personal data.
The firm revealed in a regulatory filing that the hackers may have accessed "some unencrypted fields" relating to financial data.
"Further forensic investigation found that for some of the notified customers, the cyber criminal may have accessed some unencrypted fields intended for bank account information, social security numbers, usernames and/or passwords," the firm stated in its filing.
Both the University of Birmingham and the National Trust have both started investigations and are in communication with Blackbaud to determine if their financial data had been stolen, according to the BBC.
"We are aware that some financial data may have been accessed as a result of the data breach and are working with Blackbaud to determine if this affects us," a spokesman for the National Trust told the BBC.
Blackbaud, a cloud service that provides fundraising software to organisations across the world, was hit by a cyber attack in May, with hackers extracting a copy of a subset of data. At least twenty universities and charities across the UK, US, and Canada were hit by the breach.
When the incident was first discovered in July, Blackbaud stated that financial data was not included in the leak and that it had paid a ransom to hackers on the understanding that the stolen data would be deleted.
Sign up today and you will receive a free copy of our Future Focus 2026 report - the leading resource for IT decision-maker insight on priorities and investment areas in AI, security and more.
According to the Information Commissioner's Office, 166 companies in the UK are thought to have been affected by the breach.
Ransomware attacks have caused mass disruption to the UK's education sector in 2020. A number of universities have had IT systems locked by hackers, with threats to release the data online if they don't pay. Some organisations have been open about their links to Blackbaud, such as York and Leeds universities, while others haven't disclosed full details regarding their incidents.
Despite that, the list of companies involved in the Blackbaud breach continues to grow and with it reports of legal action against the cloud service provider. Ten American health firms have filed lawsuits seeking class-action status against Blackbaud, according to reports in the US.
Bobby Hellard is ITPro's Reviews Editor and has worked on CloudPro and ChannelPro since 2018. In his time at ITPro, Bobby has covered stories for all the major technology companies, such as Apple, Microsoft, Amazon and Facebook, and regularly attends industry-leading events such as AWS Re:Invent and Google Cloud Next.
Bobby mainly covers hardware reviews, but you will also recognize him as the face of many of our video reviews of laptops and smartphones.
-
Microsoft Surface Laptop 8 (13.8in) reviewReviews The business model of the Surface Laptop 8 is a Panther Lake beast with long battery life and a privacy display
-
The agents you use to beef up cybersecurity could be turned against youNews Research shows agents can be fooled into executing malicious code while performing security reviews of third-party software
-
Working with the enemy: Ransomware negotiator-turned cyber criminal jailed after working with hackers to extort clientsNews Angelo Martino was supposed to be negotiating on behalf of victims, but was secretly working for ransomware operators
-
Hackers are posing as Interpol to target small businesses – here's what you need to knowNews Small businesses are warned to think twice before clicking on links
-
‘Every hour ransomware goes undetected drastically increases its potential blast radius’: Hackers are breaching networks and laying low for longer – and nearly half of firms don’t realize until data is stolenNews An ExtraHop survey found more intrusions are going undetected, leading to longer dwell times
-
Ransomware cartels are fragmenting into volatile splinter groups, warns Met Police cyber chiefNews Commoditized "cyber crime bazaars" and AI data mining are forcing law enforcement to rewrite its playbook
-
New ransomware threat group, The Gentlemen, has become one of the most active ransomware operators, accounting for 10% of all attacksNews NTT researchers warn that the RaaS group is leveraging SystemBC malware to establish covert tunnelling, evade detection, and support rapid lateral movement across enterprise environments
-
Instructure chose to a pay ransom following the Canvas cyber attack – research shows more than half of security leaders would follow suitAnalysis Opting to pay ransoms creates huge risks for enterprises – you’re relying on the word of criminals
-
Ransomware negotiator sentenced for role in major cyber crime groupNews Deniss Zolotarjovs was a key player in a group associated with Conti
-
Threat actors ditch ‘spray and pray’ attacks in shift to targeted exploitationNews A dip in ransomware volumes points to a more targeted approach focused on vulnerability exploitation