[image: George W. Bush Presidential Center]

On July 16, 2020, we were notified by Blackbaud, a large provider of cloud-based data management services to George W. Bush Presidential Center (the “Bush Center”) and many other not-for-profit organizations, that it had discovered and stopped a ransomware attack that occurred in May 2020. Blackbaud, working with independent forensics experts and law enforcement, successfully prevented the cybercriminals from blocking system access and fully encrypting the Bush Center’s files; and ultimately expelled the criminals from Blackbaud’s system. However, prior to locking the cybercriminals out, the cybercriminals removed a copy of some of the Bush Center’s data regarding donors and other contacts. According to Blackbaud, any Social Security numbers or payment card information contained in the affected systems were encrypted and the decryption keys were not compromised. However, there was unencrypted, less sensitive information obtained, such as name, birth date, physical and email addresses, telephone numbers, gender and giving history. Blackbaud informed us that it paid a ransom to the attackers in order to obtain confirmation that the ‎compromised unencrypted information has been destroyed and ‎Blackbaud has also assured us they are enhancing their safeguards to mitigate the risk of future ‎attacks like this one, including paying a third party service to periodically review the dark web to confirm whether any of ‎the Bush Center’s information is for sale.

To date, there ‎is no indication that any of the compromised unencrypted information is subject to further disclosure or misuse‎, and given the intent of the criminals to obtain the payment of the ransom, the Bush Center does not ‎believe there is a high risk that the unencrypted information would be used for other purposes. Even though we do not believe that your personal information has been subjected to misuse or further unauthorized access due to this incident, out of an abundance of caution and in light of our respect for your privacy, we wanted to advise you of this incident. For more information on this incident and Blackbaud’s steps to mitigate the risk involved, please see [link removed] <[link removed]>.

Please contact [email protected] <mailto:[email protected]> if you have any questions or particular concerns.

[image: George W. Bush Presidential Center] <[link removed]>

2943 SMU Boulevard, Dallas, TX 75205
E. [email protected] <mailto:[email protected]>

[image: Twitter] <[link removed]> [image: Instagram] <[link removed]> [image: Facebook] <[link removed]> [image: Flickr] <[link removed]> [image: YouTube] <[link removed]>

Email Preferences <[link removed]> | Privacy Policy <[link removed]> | Give Today <[link removed]>

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -