Cloud software company Blackbaud has come under fire from regulators for major cybersecurity failings stemming from a devastating ransomware attack in 2020. The attack exposed data from numerous educational institutions and non-profits that were Blackbaud clients, including prominent UK universities, organisations such as the National Trust, and donors to the Labour Party.
The ransomware attack, which began in February 2020 and was detected in May, had severe implications for the affected entities. Blackbaud, however, delayed notifying victims for almost two months and openly admitted to paying a ransom of 24 bitcoin to the attackers, without verifying the deletion of the compromised data.
The US Federal Trade Commission (FTC) has issued a complaint against Blackbaud, accusing the company of failing to implement adequate safeguards to protect customer data. The FTC highlighted Blackbaud’s deceptive practices, alleging that the company failed to follow recommended incident response best practices, including monitoring for unauthorised access attempts, segmenting data, implementing multi-factor authentication, and regularly assessing security controls.
The FTC specifically criticised Blackbaud for retaining customer data beyond the periods necessary and for allowing its employees to use weak or default passwords. These lapses enabled the threat actor to move freely within Blackbaud’s systems, exploiting vulnerabilities and accessing unencrypted customer data.
In response to the
[…]