I have no doubt that numerous sites will start generating “lessons learned” or “five takeaways” from the Blackbaud breach — if they haven’t done so already. And perhaps one of the consequences of this mega-breach needs to be a discussion of whether some entities are unnecessarily giving their fundraising arms or business associates too much…
Category: Subcontractor
Interim Report on the Blackbaud Breach: 3.4 Million Patients and Counting
The Blackbaud ransomware incident disclosed on July 16 will likely end up being the largest or one of the largest breaches of the year involving patient information. I’ve been reading disclosures from dozens of entities and have compiled a list of those Blackbaud clients whose disclosures state or suggest that Blackbaud had been storing some…
SC: In September, Roper St. Francis was busy sending notifications on two separate breaches
On September 3, ABC reported that Roper St. Francis was notifying 6,000 patients about a breach involving their protected health information. This week, you may have read that Roper St. Francis is notifying almost 93,000 patients. There are two unrelated incidents. The first involved the compromise of an employee’s email account in June that the…
CU Collections Notifies Customers of Data Security Incident
The following press release was released on Friday, September 11, after 5 pm. It appears to be the same press release CU Collections issued on July 29, with the exception that this one specifically mentions Wellspring Credit Union: CU Collections, LLC (“CU Collections” or the “Company”) announced today that it had suffered a data security…
CA: Enloe Medical Center also notifying patients after Blackbaud ransomware incident
Add Enloe Medical Center to those notifying donors and patients because of the ransomware incident that Blackbaud disclosed in July. You can read their notification here.
A data fail left banks and councils exposed by a quick Google search
Henry Dyer reports: Private details relating to more than 50,000 letters sent out by banks and local authorities were indexed by Google after a London-based outsourcing firm left its system hopelessly exposed. Details about everything from insolvency to final reminders of unpaid council tax and mortgage holidays were left available for anyone to view since…