The ripple effects of a cyber attack on a third party vendor are felt far and long in the supply chain, with various organizations suffering due to it. Something similar transpired in the case of Blackbaud, a provider of software and cloud hosting solutions to organizations.
Earlier in May this year, BlackBaud was hit by a ransomware attack and several impacted organizations soon started realizing the impact of that breach. However, the breach was only disclosed in the month of July.
As things transpired from July onwards –
- On the 23rd of July, It was revealed that many prestigious universities were affected as a result of the Blackbaud cyberattack. The list of universities includes the following names – University of York, Oxford Brookes University, Loughborough University, University of London, and the University of Exeter.
- On the 24th of July, The total count of universities that were affected reached 20 when several other universities, including the University of Birmingham and De Montfort University, and then later Aberystwyth University also confirmed being impacted.
- On the 27th of July, the University of South Wales became the second Welsh university to confirm the attack.
- On the 30th of July, the list of impacted victims of the Blackbaud attack got extended when the National Trust also confirmed
- On the 4th of August, Loughborough University and Leicester hospital charity Loros also confirmed falling prey to the extended effect of the Blackbaud Ransomware.
From what is understood, the total number of infected universities stands at 40 along with 11 non-profit organizations based in the United Kingdom. 50 other international organizations were also affected by the same.
Tale of the Data Leak –
In May 2020, some hackers executed a cyberattack on Blackbaud’s network and attempted to install ransomware to lock down the data of all of its clients, including several universities that are using their software.
- The hackers were able to steal a subset of data from its self-hosted environment and threatened to publish it online, even though the company was successful in stopping the ransomware attack from encrypting files.
- The company confirmed the attack and notified all the impacted organizations two months after the attack.
Even though threat actors who executed this attack could not access any financial information, such as credit card numbers but an attack like this is still expected to have repercussions in various forms like that of sophisticated phishing attacks, identity theft, or other scams.
To read more, please check eScan Blog