Information regarding the Blackbaud data security incident from July 2020


Explanation

On July 16, 2020, the Texas Tech Foundation was contacted by Blackbaud to inform them that a Blackbaud service provider had been the victim of a ransomware attack that culminated in May 2020. The cybercriminal was unsuccessful in blocking access to the database involved in the attack. However, the cybercriminal was able to remove a copy of a subset of several of their client's data. This included information from our Ram and Red Raider communities.

The Foundation does not provide encrypted information—such as Social Security numbers, bank account, credit or debit card information—to Blackbaud. However, the data potentially accessed may have included personal contact information like names, titles, dates of birth, phone numbers, email addresses, and affiliation with the Texas Tech University System, its four component universities, and the Texas Tech Alumni Association. While the Alumni Association operates as a separate entity from the Texas Tech Foundation, any alumni—and, therefore, any Alumni Association members—could be among those impacted by the security breach.

Blackbaud has undergone a thorough investigation, with the assistance of law enforcement, confirming that no encrypted information was accessible in the attack. Blackbaud is closely monitoring the Internet to verify that no data has been misused.

The Foundation also immediately launched their own investigation and have taken the following steps:

  • They are notifying affected alumni and donors to make them aware of this breach of Blackbaud's systems so they can remain vigilant;
  • They are working with Blackbaud to understand why there was a delay between it finding the breach and notifying us, as well as what actions Blackbaud is taking to increase its security;
  • They are continuing to monitor the situation with Blackbaud to investigate this incident.

Blackbaud does not believe it is necessary to take any further action at this time, but they wanted us to be aware of this development. As of late July, they are not aware of any instances of fraudulent activity connected to the Foundation's data. But, out of an abundance of caution, they encourage you to monitor your online and financial activity and report anything suspicious.

Blackbaud has issued a statement on their website at https://www.blackbaud.com/securityincident regarding this incident.