Security Market Segment LS
Thursday, 01 October 2020 08:16

Cloud software firm Blackbaud says customer data exposed in ransomware attack

Cloud software firm Blackbaud says customer data exposed in ransomware attack Pixabay

American cloud software firm Blackbaud has back-flipped on a statement it made after a ransomware attack, saying on Wednesday that the attackers had actually managed to gain access to customer data.

On 16 July, when it disclosed that it had been hit by ransomware, and paid a ransom as it was unable to block the attack before its data was exfiltrated, though it managed to prevent the encryption taking place, Blackbaud said: "The cyber criminal did not access credit card information, bank account information, or social security numbers."

The firm has now updated the earlier statement to clarify that the attackers did indeed gain access to personal information.

"After 16 July, further forensic investigation found that for some of the notified customers, the cyber criminal may have accessed some unencrypted fields intended for bank account information, social security numbers, usernames and/or passwords," Blackbaud said.

It tried to play down the severity of the leak, saying, "In most cases, fields intended for sensitive information were encrypted and not accessible. These new findings do not apply to all customers who were involved in the security incident.

"Customers who we believe are using these fields for such information are being contacted the week of 27 September and are being provided with additional support."

Blackbaud, which reported revenue of US$900,423 (A$1.28 billion) in 2019, has operations in North America including Canada, Europe and the Pacific region. It has hubs in Charleston (South Carolina), Austin (Texas), London and Sydney.

Blackbaud said in its 2019 annual report: "At the end of 2019, we had over 45,000 global customers including non-profits, foundations, companies, education institutions, healthcare organisations and other social good entities.

"There are millions of users of our solutions in more than 100 countries. Our largest single customer accounted for less than 1% of our 2019 consolidated revenue."

It employs 3611 people and on 31 December 2019, Blackbaud had US$634.1 million (A$905.6 million) and US$317.9 million of goodwill and intangible assets respectively. It also had deferred tax assets of US$93.8 million.

It is now common for attackers who use ransomware to hit companies to first exfiltrate the data using PowerShell scripts and then encrypt the victim's data on-site. This gives them two avenues for putting pressure on the victim to pay the ransom.

Brett Callow, threat researcher with the New Zealand-based security firm Emsisoft, said: "Working out what did and did not happen in the aftermath of a ransomware incident requires a forensic investigation that can take weeks to complete.

"To my mind, these incidents should be treated as data breaches from the get-go and customers and business partners [should be] immediately notified so they can take steps to minimise their exposure."

Subscribe to ITWIRE UPDATE Newsletter here

Now’s the Time for 400G Migration

The optical fibre community is anxiously awaiting the benefits that 400G capacity per wavelength will bring to existing and future fibre optic networks.

Nearly every business wants to leverage the latest in digital offerings to remain competitive in their respective markets and to provide support for fast and ever-increasing demands for data capacity. 400G is the answer.

Initial challenges are associated with supporting such project and upgrades to fulfil the promise of higher-capacity transport.

The foundation of optical networking infrastructure includes coherent optical transceivers and digital signal processing (DSP), mux/demux, ROADM, and optical amplifiers, all of which must be able to support 400G capacity.

With today’s proprietary power-hungry and high cost transceivers and DSP, how is migration to 400G networks going to be a viable option?

PacketLight's next-generation standardised solutions may be the answer. Click below to read the full article.


WEBINAR PROMOTION ON ITWIRE: It's all about webinars

These days our customers Advertising & Marketing campaigns are mainly focussed on webinars.

If you wish to promote a Webinar we recommend at least a 2 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial.

This coupled with the new capabilities 5G brings opens up huge opportunities for both network operators and enterprise organisations.

We have a Webinar Business Booster Pack and other supportive programs.

We look forward to discussing your campaign goals with you.


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News