JRMC Foundation was informed of a data security incident experienced by one of our trusted vendors, Blackbaud Inc. That impacted our donor database and may have involved personal information about supporters. Blackbaud is a well-respected provider of cloud and data services used by more than 25,000 organizations in more than 60 countries. JRMC Foundation uses Blackbaud’s fundraising technology platform.

Blackbaud discovered a ransomware attack in May of 2020 that included our donor database and other nonprofits. The company took time to determine which organizations were impacted.

Blackbaud stated that its Cyber Security team — together with independent forensics experts and law enforcement — successfully prevented the cybercriminal from blocking Blackbaud’s system access. Blackbaud ultimately expelled the cybercriminal from its system. Prior to locking the cybercriminal out, however, the cybercriminal removed a copy of a backup file.

What happened?

JRMC Foundation was informed of a data security incident experienced by one of our trusted vendors, Blackbaud Inc. That impacted our donor database and may have involved personal information about supporters. Blackbaud is a well-respected provider of cloud and data services used by more than 25,000 organizations in more than 60 countries. JRMC Foundation uses Blackbaud’s fundraising technology platform.

Blackbaud discovered a ransomware attack in May of 2020 that included our donor database and other nonprofits. The company took time to determine which organizations were impacted.

Blackbaud stated that its Cyber Security team — together with independent forensics experts and law enforcement — successfully prevented the cybercriminal from blocking Blackbaud’s system access. Blackbaud ultimately expelled the cybercriminal from its system. Prior to locking the cybercriminal out, however, the cybercriminal removed a copy of a backup file.

What information was involved?

Blackbaud determined that the information removed and presumably destroyed may have included personal information (variable PII) including names; contact information, including telephone numbers, email addresses, dates of birth, and mailing addresses; and a history of donor relationships with our organization, such as donation dates, amounts, and other information in donor profiles.

For us, due to our best practices, breached information was limited and specific to each donor, as noted in their letter. Mostly, name and birthdate. Blackbaud has assured us that credit card information and banking information were not accessed by the cybercriminal and remain encrypted.

This incident does not impact Social Security numbers, which we do not collect.  The electronic health record system was not impacted by this incident.

Blackbaud paid the cybercriminal’s demand to protect personal customer data with confirmation that the removed copy had been destroyed. Based on the nature of the incident, Blackbaud’s research, and third party (including law enforcement) investigation, Blackbaud does not believe any data went beyond the cybercriminal, was or will be misused, or will be disseminated or otherwise made available publicly.

What is Blackbaud doing?

As part of ongoing efforts, Blackbaud states that it has already implemented several changes to protect your data from any subsequent incidents. First, its teams identified the vulnerability of this incident, including the tactics used by the cybercriminal, and took action to fix it. Blackbaud has tested its fix with multiple third parties, including the appropriate platform vendors, and assured us that it withstands all known attack tactics. They are also accelerating their efforts to protect data through enhancements to access management, network segmentation, deployment of additional endpoints, and network-based platforms.

What is JRMC doing?

We are notifying affected individuals about this incident consistent with our goal of being transparent. Upon learning of the issue, we commenced an immediate and thorough investigation. As part of our investigation, in addition to demanding detailed information from Blackbaud about the nature and scope of the incident, we engaged cybersecurity professionals experienced in handling these types of incidents.

What can you do?

Again, we want to emphasize that Blackbaud has assured us that no credit card, bank account, or other information of that nature was compromised. However, as a best practice, we recommend that supporters remain vigilant by closely reviewing their account statements and credit reports and reporting any suspicious activities.

  • If you receive unsolicited requests for donations from us or other nonprofits, call the number on the organization’s website to confirm the solicitation’s legitimacy.
  • You can obtain a free copy of your credit report from each of the three major credit reporting agencies once every 12 months by visiting http://www.annualcreditreport.com, calling toll-free 877-322-8228, or completing an Annual Credit Report Request Form and mailing it to Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA 30348.
  • If you detect any suspicious activity, then promptly notify the financial institution or company where the account is maintained. You also should report any fraudulent activity or suspected incidence of identity theft to law enforcement authorities, your state attorney general, and/or the Federal Trade Commission.

To file a complaint with the FTC, go to www.ftc.gov/idtheft or call 1-877-ID-THEFT (877-438-4338). The Federal Trade Commission offers tips on how to avoid identity theft. For more information, please visit http://www.ftc.gov/idtheft or call 1-877-ID-THEFT (877-438-4338).

JRMC Foundation's Commitment

While data breaches and ransomware attacks are becoming more common, this is not something JRMC Foundation ever wants to happen to our valued supporters. The privacy of our supporters is of utmost importance to us.

Blackbaud has apologized to JRMC Foundation and we sincerely apologize for any inconvenience this incident may cause you.

If you have any questions or concerns regarding this matter, please do not hesitate to contact Lisa Jackson, JRMC Foundation Director, at foundation@jrmcnd.com or (701) 952-4880.

We know that every gift made to JRMC Foundation is a choice. Thank you for your support. Care is possible here because of your generosity, and we are dedicated to keeping your trust.