Blackbaud Security Breach and How It Affects You, Your Privacy and Big Thought

Big Thought was recently informed by Blackbaud, our third-party financial accounting software service provider, that it has discovered and stopped a ransomware attack on its servers that compromised some data of multiple clients, including Big Thought. The data breach occurred beginning in February 2020 and was discovered and stopped by May 20, 2020.

Big Thought takes the protection and proper use of your information very seriously. We are therefore contacting you to explain the incident and to alert you that certain personal information may have been part of the Blackbaud breach.

 

What Information Was Involved

The cybercriminal may have accessed mailing address, email address, phone number, financial transaction history or combination of these pieces of information.

Although Blackbaud has stated that all information was encrypted, a social security number or employer identification number (EIN) may have been accessible to the cybercriminal for a small number of contacts.

In addition, for individuals employed by Big Thought from July 15, 2008 through March 31, 2010, birth date, gender, marital status, hire date, bank name, annual salary and payroll amounts may have been accessed despite being encrypted.

 

What Blackbaud is doing

As part of its ongoing efforts to prevent future data breaches, Blackbaud has already implemented several changes that will protect your data.  You can review information on this incident and Blackbaud’s steps to mitigate the risk involved at https://www.blackbaud.com/securityincident.

 

What We Are Doing

Big Thought has completed an extensive examination of the data sources involved. With very few exceptions (with separate notice), we do not store sensitive personal information such as bank account numbers, social security numbers or employer identification numbers. Credit card numbers, where present, are encrypted. Ensuring the safety of our constituents’ data is of the utmost importance to us. We will continue to monitor Blackbaud’s efforts, and follow our own careful internal data management procedures.

 

what you can do

As a best practice, we recommend you remain vigilant in reviewing your personal account statements, and promptly report any suspicious activity or suspected identity theft to your banking and credit companies, as well as to the proper law enforcement authorities.

You may choose to obtain a free copy of your credit report from each of the three major credit reporting agencies. You may obtain those reports once every 12 months by visiting http://www.annualcredireport.com, calling toll-free 877-322-8228, or by completing an Annual Credit Report Request Form and mailing it to Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA 30348-5281.

The Federal Trade Commission and the Consumer Financial Protection Bureau sites contain extensive information about credit reports, your rights, and the laws that guarantee these rights. You can learn more about your free reports at the Federal Trade Commission’s website and the Consumer Financial Protection Bureau’s website.

Alternatively, you can elect to purchase a copy of your credit report by contacting one of the three national credit reporting agencies. Contact information is provided below:

• Equifax
• Experian
• TransUnion

For More Information

If you wish to speak to Big Thought directly, please contact us at [email protected].

You can also get information on this incident and Blackbaud’s steps to mitigate the risk involved at https://www.blackbaud.com/securityincident.