Blackbaud Attack Merits NPR Response

A Message To Donors

A few weeks ago, we reported on the Blackbaud ransomware attack affecting businesses and non-profits across the US, UK, and Canada. While Blackbaud paid the undisclosed ransom, the entities affected are still dealing with the aftermath.

NPR recently reached out to its donors to let them know their financial information wasn’t compromised. They could not, however, guarantee that all information hadn’t been accessed.

Current.org obtained an Aug. 3 memo by Christopher Turpin, chief of staff and interim chief development officer for NPR. Details below mention that what information may have been obtained by the cybercriminals.

“We are writing out of an abundance of caution. This incident may have affected your contact information, demographic information, and if you have made a gift to NPR, the history of those donations,” wrote Turpin. “Importantly, we want to assure you that the incident has not exposed any sensitive personal identification or financial data such as your credit card or bank account information, government identification number, or social security number, as we do not record or store this information in our database.”

Turpin noted that Blackbaud “assured us that they are confident that the cybercriminals have in fact destroyed the stolen file, and have not misused or further disseminated any data contained in the file.”

Paying The Ransom

This example illustrates the Catch-22 of paying a ransom. Blackbaud was assured by the hackers that the stolen information was destroyed, but can an organization ever really know for sure? However, they wanted to put forward a good faith effort to the organizations in their care.

Related Reading  DuckDuckGo-od?

Getting hit with a ransomware attack can completely devastate an organization, but paying the ransom can be equally as devastating. The best practice is a preventative plan. Remember to keep yourself educated on current ransomware trends. You also want an antivirus product that works on a default-deny approach. Default-deny keeps unknown executables off your system.

As ransomware becomes more sophisticated, the fight against it will continue to rise to the occasion. Make sure you’re staying up-to-date. And, as always, stay safe out there.

 1,214 total views,  1 views today

(Visited 1 times, 1 visits today)

3 thoughts on “Blackbaud Attack Merits NPR Response

  1. Stopping this incoming bad data is only impossible because we get irritated when the connection is slowed by anti-virus programs for screening. Computer manufacturers need to add stellar-hyper-speed hardware components as much as do the software engineers and the IT suppliers, all working in unison as a single project per data packet. In saying that, the cost may be prohibitive, but if the monthly subscription or original OEM product cost were spread across every single device, not only the top-end devices, the cost to the end user would diminish as scale would then spread that cost thinner per device

  2. The Cyber-world is full of cyber asteroids & comets. It would be nice to find PC Matic trails for such comets and PC Matic cyber ‘grippers’ to move malware and other such ‘lifeforms’ into another orbit from planet PC Matic.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.