The Expanding Extent of the Blackbaud Ransomware Attack

When any third-party service provider is targeted with cyber attacks, its ripple effects may extend to several other organizations lined up in the supply chain. A similar incident happened with Blackbaud, a provider of software and cloud hosting solutions to organizations.


Data of several organizations leaked

In May 2020, Blackbaud was hit by a ransomware attack, which the company disclosed in July, and several impacted organizations soon started realizing the impact of that breach.
  • On July 23, more than ten esteemed universities, including the University of York, Oxford Brookes University, Loughborough University, University of London, and University of Exeter, were affected because of an earlier cyberattack on Blackbaud.
  • On July 24, several other universities, including the University of Birmingham and De Montfort University, and then later Aberystwyth University also confirmed being impacted, taking the count of affected organizations beyond 20.
  • On July 27, the University of South Wales became the second Welsh university to confirm the attack.
  • On July 30, the National Trust also joined the list of impacted victims of the Blackbaud attack.
  • On August 4, Loughborough University and Leicester hospital charity Loros also confirmed to be affected by this hack.


So far, the breach has impacted more than 40 universities, along with 11 U.K-based non-profit organizations, and 50 other international organizations.

The story behind the data leak

In May 2020, some hackers breached Blackbaud’s network and attempted to install ransomware to lock down the data of all of its clients, including several universities that are using their software.
  • Although the company was successful in stopping the ransomware attack from encrypting files, hackers still managed to steal a subset of data from its self-hosted environment and threatened to publish it online.
  • Two months later, the company confirmed the attack and notified all the impacted organizations.


Conclusion

Although cybercriminals couldn't not access any financial information, such as credit card numbers. A massive breach like this, however, is expected to have repercussions in the form of sophisticated phishing attacks, identity theft, or other scams.