Blackbaud Data Breach Statement
Recently, the RCC Foundation was informed of a data security incident experienced by one of our trusted vendors, Blackbaud Inc., that impacted our donor database. Blackbaud is a well-respected provider of cloud and data services used by more than 25,000 organizations in more than 60 countries.
Blackbaud discovered a ransomware attack in May of 2020 that included our donor database, as well as those of other nonprofits. The company took time to determine which organizations were impacted. Blackbaud stated that its Cyber Security team — together with independent forensics experts and law enforcement — successfully prevented the cybercriminal from blocking Blackbaud’s system access. Blackbaud ultimately expelled the cybercriminal from its system. Prior to locking the cybercriminal out, however, the cybercriminal removed a copy of a backup file. (Read Blackbaud’s statement about the incident.)
Blackbaud determined that the information removed and presumably destroyed may have included: names; contact information, including telephone numbers, email addresses, dates of birth, and mailing addresses; and a history of donor relationships with our organization, such as donation dates, amounts, and other information in donor profiles. Credit card information and banking information were not accessed by the cybercriminal and remain encrypted nor does the RCC Foundation collect that type of data in our system.
We deeply regret this incident occurred. While data breaches and ransomware attacks are becoming more common, this is not something the RCC Foundation ever wants to happen to our valued supporters. The privacy of our supporters is of utmost importance to us.
We know that every gift made to the RCC Foundation is a choice. Thank you for your support of our students. Opportunities start here because of your generosity, and we are dedicated to keeping your trust.