|
Dear John, We are writing to inform you that Save the Children was recently notified of a data security incident at one of our vendors. As you may be aware, Blackbaud, a company that provides software tools and management resources for nonprofits across the world, recently experienced a data breach. Save the Children takes cyber security and the protection of your information very seriously, therefore we are contacting you to explain the incident. What Happened In July 2020, Save the Children received notification from Blackbaud that they discovered a cyberattack on one of their systems that houses donor information. Unfortunately, Save the Children was one of a number of organizations impacted by this security breach. A detailed explanation of the incident is available on Blackbaud's website. What Information Was Involved We understand from Blackbaud that immediately upon detecting the attacker, Blackbaud worked with their own security teams, an external forensics firm and federal law enforcement to expel the attacker from their system. However, the hacker was still able to copy data belonging to Save the Children, including supporter names, addresses, phone numbers, date of birth and giving history. What Information Was Not Involved Credit card information and social security numbers were not impacted. Blackbaud's Response Blackbaud obtained confirmation that the data was deleted in exchange for a payment to the hacker, and has provided assurances to Save the Children that the risk to individuals whose data was stolen is very low. In an abundance of caution, Blackbaud has put in place dark web monitoring intended to detect trafficking of any of the copied data, and Save the Children will maintain regular contact with Blackbaud to stay well informed of any developments of this nature. Save the Children's Response Save the Children places the highest level of regard on security and protecting our donor information. We have removed our data off Blackbaud's servers, and will continue to prioritize security, both internally and with all of our third-party vendors. Supporters like you trust us with their information, and we do not take this lightly. We have and will continue to take steps to protect supporters' information in our combined efforts to ensure every child gets the future they deserve. Save the Children remains in regular contact with Blackbaud regarding any further details of this incident, and we are continuing to monitor their response. If you have any immediate concerns or questions, please contact our Supporter Experience Center at 1-800-728-3843. Thank you for your partnership and support. |
|
