The Catholic Foundation for the Diocese of Green Bay, Inc. recently received notice from Blackbaud, Inc., the provider of cloud-based data management services to the Catholic Foundation and thousands of other non-profit organizations world-wide including hospitals, foundations, colleges and universities, that Blackbaud discovered it had been the subject of a ransomware attack. Blackbaud discovered the attack in May 2020. The Blackbaud systems affected by the attack included a database containing certain information regarding Catholic Foundation families.
Blackbaud advised that the ransomware attack did not compromise any financial information such as credit card information, bank account information, or social security numbers. However, Blackbaud did advise us that certain donor information, such as names, birth dates, physical and email addresses, telephone numbers, and gender were subject to the data compromise.
Blackbaud worked with a 3rd party cyber security company and the FBI to address the data breach. Blackbaud informed the Catholic Foundation that it paid a ransom to the attacker and obtained confirmation that the compromised information was destroyed. According to Blackbaud, and as far as we know, there is no indication that any of the compromised information is subject to further disclosure or misuse. Blackbaud has also assured us they are enhancing safeguards to mitigate the risk of future attacks.
“At the Catholic Foundation the protection and proper use of donor information is something we take very seriously and we share this information out of an abundance of caution. We do not have any evidence that any donor information has been misused,” said Josh Diedrich, Executive Director of the Catholic Foundation.