• Facebook
  • Google Plus
  • RSS Feed
  • Twitter

Menu

Skip to content
  • About
  • Staff
  • Contact
  • Support
  • Advertise
  • FAQ
  • Privacy Policy
  • Terms of Service
Header image

Times of San DiegoLogo

Local News and Opinion for San Diego

Menu

Skip to content
  • All
  • Politics
  • Crime
  • Business
  • Sports
  • Education
  • Arts
  • Military
  • Tech
  • Life
  • Opinion
Search Thousands of San Diego Jobs
  • San Diego County Reports 2,695 COVID-19 Cases, 32 Deaths
  • FCC to Expand Broadband Connectivity, Telehealth for Underserved Communities
  • San Diego Leaders Plan for Quiet Inauguration Day, Remote Meetings
  • Fox Canyon 7-Eleven Robbed by Pair of Thieves, Possibly Armed
  • El Cajon Resident Reportedly Suffering Medical Emergency Dies After 1-8 Crash

Home » Crime » This Article

Ransomware Stole Donor Data of San Diego Charities, Francis Parker School

Posted by Ken Stone on July 29, 2020 in Crime | 2677 Views
| Comments | Leave a Comment
Share This Article:
Facebooktwitterredditpinterestlinkedinmail
Francis Parker School was among San Diego nonprofits that were clients of cloud-computing firm Blackbaud, which paid a ransom. Courtesy image.

By Ken Stone

Several major San Diego nonprofits including KPBS and San Diego Zoo Global potentially lost private donor data to cybercriminals as recently as May 20.

Support Times of San Diego's growth
with a small monthly contribution

Become a supporter

They — along with the elite private Francis Parker School — were clients of Blackbaud, a South Carolina-based cloud computing provider (with an office in San Diego), which announced the hack.

On Wednesday, Parker notified its community members — including alumni, parents and former staff — that it learned of the ransomware attack July 16.

“The cybercriminals had NO access to Francis Parker School systems,” said an email from Shara Freeman Hoefel, assistant head of school for external relations.

The San Diego Public Library Foundation echoed what Parker said — that the intrusion didn’t access credit card information, bank account information, passwords or any other private financial data.

CEO Patrick Stewart posted: “Because being responsible stewards of your trust is a central part of the Library Foundation’s values, we thought it best to alert you that Library Foundation donor information such as contact information, names, email addresses, physical addresses and giving histories could have been part of the breach on Blackbaud’s servers.”

Parker’s Hoefel assured her community that it had no evidence that personal information was accessed or otherwise misused, “though we recommend that you remain vigilant for any suspicious activity.”

A Blackbaud spokesperson Wednesday told Times of San Diego that “we are not providing the names of those who were part of this incident; nor can we discuss any customer specifically. The majority of our customers were not part of this incident – but those customers which were have been notified.”

Blackbaud continued: “More broadly, this incident was limited to a subset of our self-hosted (or co-located) environment. No entire product line was part of this incident. This incident did not reach solutions to the public cloud environment (Microsoft Azure, Amazon Web Services), nor did it reach the majority of our self-hosted environment.”

Blackbaud’s website lists KPBS and San Diego Zoo Global as customers. They didn’t immediately respond to requests for comment. The San Diego Humane Society, also potentially a victim, said it was looking into the matter.

Francis Parker School didn’t immediately respond either.

But the San Diego Foundation, another client, said the breach largely affected users with old versions of Blackbaud software.

“Because we are utilizing the latest suite of Blackbaud tools, we confirmed with Blackbaud that no private information about donors at The San Diego Foundation was exposed,” Chief Financial Officer James Howell said in a statement. “We continue to engage with Blackbaud as it addresses this issue.”

Wednesday evening, Library Foundation Marketing Director Charlie Goldberg said: “We have sent emails to donors and are in the process of sending letters to supporters for whom we have no email address.”

He said his group was monitoring the situation and Blackbaud’s efforts to correct the vulnerability that led to this incident and to firm up its security to prevent future breaches.

A spokeswoman for the UC San Diego Foundation, also listed as a client, said: “No UC San Diego Foundation donor data was exposed, lost or stolen as a result of this breach. UC San Diego maintains donor data on campus systems and these systems were not involved in the incident at Blackbaud.”

Blackbaud said: “Because protecting our customers’ data is our top priority, we paid the cybercriminal’s demand with confirmation that the copy they removed had been destroyed.”

A malware monitoring group put the payment at $350,000.

So, it seems a company paid 350k$ for decryption of their files. And these actors wanted more to delete the stolen files. Trash…
cc @VK_Intel pic.twitter.com/YCIA1VQOOd

— MalwareHunterTeam (@malwrhunterteam) May 13, 2020

Media reports indicate that at least 10 universities in the United Kingdom, United States and Canada had data stolen about students and/or alumni.

The Providence Journal on Tuesday said the Rhode Island College Foundation and the Providence Children’s Museum were both affected by the ransomware attack on the outside vendor.

In May 2008, Blackbaud bought San Diego computer services firm Kintera for $46 million, gaining access to Kintera’s 3,900 customers, including the American Lung Association, the Lance Armstrong Foundation and Big Brothers Big Sisters of America.

Updated at 5:37 p.m. July 29, 2020

Ransomware Stole Donor Data of San Diego Charities, Francis Parker School was last modified: July 30th, 2020 by Ken Stone

>> Subscribe to Times of San Diego’s free daily email newsletter! Click here

Follow Us:
Facebooktwitterrss
Posted in Crime | Tagged Blackbaud, Charlie Goldberg, Francis Parker School, KPBS, ransomware, San Diego Foundation, San Diego Humane Society, San Diego Public Library Foundation, San Diego Zoo Global
Search Thousands of San Diego Jobs

Get Times of San Diego by Email

Our free newsletter is delivered at 8 a.m. daily.


Most Popular Today

  • Opinion: Santee's Dustin Trotter Should Resign as Backer of D.C. Insurrectionists Opinion: Santee’s Dustin Trotter Should Resign as Backer of D.C. Insurrectionists 710 views
  • San Diego Home Cooking Restaurant Chain Manager Faces 5 Years for Tax Fraud San Diego Home Cooking Restaurant Chain Manager Faces 5 Years for Tax Fraud 560 views
  • MarketInk: Prolific Announcer Hangs Up Microphone After 2,000 Games Over 35 Years MarketInk: Prolific Announcer Hangs Up Microphone After 2,000 Games Over 35 Years 520 views
  • 50-Acre Brush Fire Near Palomar College Mostly Under Control 50-Acre Brush Fire Near Palomar College Mostly Under Control 350 views
  • Opinion: San Dieguito Teachers: Don’t Demonize Us – Work with Us Opinion: San Dieguito Teachers: Don’t Demonize Us – Work with Us 310 views

©®2021 Times of San Diego LLC

Menu

  • About
  • Staff
  • Contact
  • Support
  • Advertise
  • FAQ
  • Privacy Policy
  • Terms of Service