Please login to continue
Forgot your password?
Recover it here.
Don't have an account?
Sign Up Now!

You are now logged into your account.

Sign Up for Free

Name
Email
Choose Password
Confirm Password

Message....

662.842.4615 | hello@globaloutreach.org
Loginor create account
Log in to your account
Sign Up for an account

Name

Email

Choose Password

Retype Password

     
Global Outreach International

What happened?

On July 16, 2020 we were notified by our third-party database provider, Blackbaud, that they discovered and stopped a ransomware attack. Working with law enforcement, they prevented the hacker from blocking their system access and fully encrypting files. Blackbaud ultimately expelled the hacker from their system. Prior to getting locked out, however, the hacker removed a copy of Global Outreach International’s backup file containing some of your personal information. This occurred at some point between February 7 and May 20, 2020.


What Information Was Involved  

It is important to note that for your protection, the Global Outreach donor database does NOT collect or store sensitive payment information, such as credit cards or banking information in our Blackbaud database. Therefore, this information was NOT exposed or accessed during the ransomware attack. However, the file removed may have contained contact information, demographic information, and a history of your relationship with Global Outreach, such as donation dates and amounts. For a very small portion of our constituents, the file removed may have contained a scanned application that contained including social security number, date of birth, and/or passport information. These constituents have received a special mail and/or email notification with specific recommended next steps.

We have no reason to believe that any data went beyond the hacker, that it was or will be misused, or will be disseminated or otherwise made available publicly. However, we are proactively providing this identity theft monitoring and coverage to ensure you’re fully covered – no matter what.


When did Blackbaud learn of this incident? 

In May (2020).

Did Blackbaud pay the cybercriminal to contain the information they had? 

Yes, Blackbaud paid the cybercriminal to contain the information they had. Blackbaud has no reason to believe that any data was or will be made available publicly. Blackbaud did not pay the cybercriminal until they received assurance that they destroyed the data. And as a precautionary measure, Blackbaud has hired outside experts to monitor the dark web and they have found no evidence that any information was ever released.

How can you be sure the information the cybercriminal was exposed to is contained and wasn’t sold online? 

Blackbaud agreed to pay the cybercriminal with confirmation that the data was destroyed. Why would they believe that this cybercriminal kept his word and destroyed the data? Because the cybercriminal’s future business depends on future targets believing that the cybercriminal will keep their word. Both the third-party negotiation company and U.S Federal law enforcement keep records of various cybercriminals and whether they have a history of meeting their own obligations. One of the reasons that Blackbaud was willing to pay this cybercriminal is because its security team was told that the cybercriminal would likely do as they promised.

Blackbaud has engaged a security firm to search in the darkest reaches of cyberspace for specific data on its behalf and has requested US Federal law enforcement help with that search. They have not found the data. To date and to Blackbaud’s knowledge, none of the data from the Blackbaud incident have appeared anyplace you would expect to see such information if it were offered for sale. A team of experts is monitoring the dark web and private online channels on a constant 24/7/365 basis looking for any traces of the data involved in this incident. If there is any indication that such data is on the dark web, Blackbaud is alerted on a real time basis and will notify their customers.


Is Blackbaud monitoring the dark web to ensure information is not posted there? And for how long? 

Yes, Blackbaud has been monitoring the dark web together with a third-party team of experts and that monitoring will continue. Based on the nature of the incident, their research, and third party (including law enforcement) investigation, Blackbaud has no reason to believe that any data went beyond the cybercriminal, was or will be misused, or will be disseminated or otherwise made available publicly. This monitoring will continue indefinitely.