Notice of Data Breach

What Happened:   We were recently notified by one of our third-party service providers of a security incident.  Blackbaud supports our membership/donor database.   At this time, we understand they discovered and stopped a ransomware attack. After discovering the attempted attack, the service provider’s Cyber Security team—together with independent forensics experts and law enforcement— successfully prevented the cybercriminal from blocking their system access and fully encrypting files; and ultimately expelled them from their system. Prior to locking the cybercriminal out, the cybercriminal removed a copy of our backup file containing your personal information. 

 

What Information Was Involved: It’s important to note that the cybercriminal did not access credit cardholder or bank account data. However, we have determined that the file removed may have contained: 

  1. Your contact information (mailing address, phone number, email address)
  2. Your Civitan-related demographic information (name of your club, officer position, join date)
  3. Birthdays (for less than 100 members that were put in the system in late spring 2020)

Because protecting customers’ data is their top priority, our third-party service provider paid the cybercriminal’s demand with confirmation that the copy they removed had been destroyed.  Based on the nature of the incident, their research, and third party (including law enforcement) investigation, we have no reason to believe that any data went beyond the cybercriminal, was or will be misused, or will be disseminated or otherwise made available publicly.

While we are not legally bound to disclose this breach because the information involved was not considered “sensitive”, we are notifying you so that you can be aware.  Ensuring the safety of our constituents’ data is of the utmost importance to us. As part of their ongoing efforts to help prevent something like this from happening in the future, our third-party service provider has already implemented several changes that will protect your data from any subsequent incidents. 

First, the provider’s teams were able to quickly identify the vulnerability associated with this incident, including the tactics used by the cybercriminal, and took swift action to fix it. They have confirmed through testing by multiple third parties, including the appropriate platform vendors, that their fix withstands all known attack tactics. Additionally, they are accelerating our efforts to further harden their environment through enhancements to access management, network segmentation, deployment of additional endpoint and network-based platforms. 

What You Can Do:

 As a best practice, we recommend you remain vigilant and promptly report any suspicious activity or suspected identity theft to us and to the proper law enforcement authorities.

 

For More Information:

Please read the letter from our Executive Vice President by clicking here.

Please read an additional FAQ by clicking here.

 We sincerely apologize for this incident and regret any inconvenience it may cause you. Should you have any further questions or concerns regarding this matter and/or the protections available to you, please do not hesitate to contact us at 1-800-CIVITAN ext. 132 or scarlet@civitan.org.