Cloud Provider Blackbaud Endured Ransomware Attack – Yet, Pays Ransom As Security

Joining the trail of ransomware attack victims, cloud service provider Blackbaud has now joined the list. The company disclosed a ransomware attack that hit the firm some time ago. Blackbaud paid the demanded money.

Blackbaud Endured Ransomware Attack

In a recent security notice, the US-based cloud provider Blackbaud has disclosed a ransomware attack hitting the firm.

As revealed, the company faced the cyberattack in May 2020. Following the incident, they quickly worked out to contain the attack, in which, they succeeded as well. Together with cybersecurity experts, they could prevent the ransomware from taking over their business.

As stated in the notice,

After discovering the attack, our Cyber Security team—together with independent forensics experts and law enforcement—successfully prevented the cybercriminal from blocking our system access and fully encrypting files; and ultimately expelled them from our system.

However, until they could take some action, the attackers managed to pilfer a subset of the firm’s customers’ data. Though it wasn’t a large number, and the company notified the affected customers.

The subset of customers who were part of this incident have been notified and supplied with additional information and resources. We apologize that this happened and will continue to do our very best to supply help and support as we and our customers jointly navigate this cybercrime incident.

Nonetheless, they assured that the incident did not impact any sensitive information of users, such as Social Security numbers, credit card details, or bank data. Also, the incident didn’t affect the company’s public cloud environment or the majority of the self-hosted environment.

Paid Ransom For Data Security

Though Blackbaud endured the ransomware attack, they still paid the demanded ransom to the attackers out of security.

Because protecting our customers’ data is our top priority, we paid the cybercriminal’s demand with confirmation that the copy they removed had been destroyed.

Moreover, they confirm that the data wasn’t or will be misused or made public.

Besides, they also made improvements to their systems for preventing such incidents in the future.

Let us know your thoughts in the comments.

Related posts

Hard-Coded Credentials Vulnerability Found In Kubernetes Image Builder

Critical Vulnerability Patched In Jetpack WordPress Plugin

Astaroth Banking Malware Runs Actively Targets Users In Brazil