Blackbaud, a major supplier of financial and fundraising technology to the non-profit sector, said it stopped a ransomware attack from encrypting files, but paid the attackers to delete stolen customer data.
“Because protecting our customers’ data is our top priority, we paid the cybercriminal’s demand with confirmation that the copy they removed had been destroyed,” Blackbaud said in a customer advisory.
The company said it discovered and stopped the ransomware attack in May of this year, but discovered the attackers had removed “a subset” of customers’ data.
The data affected was from Blackbaud’s self-hosted environment, and didn’t affect data it hosts on Amazon Web Services or Azure cloud services, the company said.
“The subset of customers who were part of this incident have been notified and supplied with additional information and resources,” Blackbaud said.
“We apologise that this happened and will continue to do our very best to supply help and support as we and our customers jointly navigate this cybercrime incident.”
Blackbaud said its strong cybersecurity practice and advance planning had enabled it to shut down the “sophisticated” attack, adding that it has implemented changes to prevent the issue from happening again.
The company said it believed the attackers’ confirmation they had destroyed the data in part because the ransomware business model depends upon criminals not disclosing data once a ransom is paid.
In addition, Blackbaud said it worked with outside experts to monitor the internet and found no evidence that information was ever released.
Ransomware attacks initially focused on encrypting organisations’ files and then extorting ransoms to decrypt the files, but in recent months have expanded into other areas, such as stealing data and threatening to release it.
Beginning earlier this year, for instance, the DoppelPaymer ransomware gang has begun publicly releasing files stolen from contractors for the US Navy, Lockheed-Martin and SpaceX.
Some of the malware developers’ ransom demands have been in excess of $1 million (£800,000), according to computer security firm CrowdStrike.
OpenAI reportedly begins early talks with California attorney general over complex transition from nonprofit to…
European Commission says it will review Apple's iPad compliance with DMA rules as it seeks…
James Dyson delivers most high-profile criticism so far of Labour's first Budget that raises £40bn…
Nvidia, Meta bring cases before US Supreme Court this month seeking tighter limits on investors'…
Nvidia to replace Intel this week on Dow Jones Industrial Average after years of turmoil…
Joby Aviation and Toyota Motor complete demonstration flight in Shizuoka as companies prepare to bring…