Important Data Security Information
On July 16, 2020, we were notified by Blackbaud, a large provider of cloud-based data management services to George W. Bush Presidential Center (the “Bush Center”) and many other not-for-profit organizations, that it had discovered and stopped a ransomware attack that occurred in May 2020. Blackbaud, working with independent forensics experts and law enforcement, successfully prevented the cybercriminals from blocking system access and fully encrypting the Center’s files; and ultimately expelled the criminals from Blackbaud’s system. However, prior to locking the cybercriminals out, the cybercriminals removed a copy of some of the Bush Center’s data regarding donors and other contacts. According to Blackbaud, social security numbers contained in the affected systems were encrypted and the decryption keys were not compromised because they were stored in a different location. Credit cardholder data was not part of the incident because it was stored in a different location. However, there was unencrypted, less sensitive information obtained, such as name, birth date, physical and email addresses, telephone numbers, gender and giving history. Blackbaud informed us that it paid a ransom to the attackers in order to obtain confirmation that the compromised unencrypted information has been destroyed and Blackbaud has also assured us they are enhancing their safeguards to mitigate the risk of future attacks like this one, including paying a third party service to periodically review the dark web to confirm whether any of the Bush Center’s information is for sale.
To date, there is no indication that any of the compromised unencrypted information is subject to further disclosure or misuse, and given the intent of the criminals to obtain the payment of the ransom, the Bush Center does not believe there is a high risk that the unencrypted information would be used for other purposes. Even though we do not believe that any personal information has been subjected to misuse or further unauthorized access due to this incident, out of an abundance of caution and in light of our respect for our donors and other contacts’ privacy, we are notifying our website visitors of this incident. For more information on this incident and Blackbaud’s steps to mitigate the risk involved, please see https://www.blackbaud.com/securityincident.