The Auburn University Foundation revealed Monday that one of its vendors was hit with a cyberattack earlier this year.
South Carolina-based Blackbaud handles donor information for non-profit entities around the world, including the foundation. It was held to ransom and paid an undisclosed sum to cyber-criminals, according to the BBC News website, which added that the company received proof that the hackers destroyed the data they had obtained.
Christopher B. Roberts, interim president of the foundation and dean of Auburn’s Samuel Ginn College of Engineering, notified the university’s extended community Monday of the breach.
“According to Blackbaud, sensitive personal information, such as Social Security numbers and credit card data, was not impacted as a result of the Blackbaud incident. Moreover, Social Security numbers are not stored by the Auburn University Foundation in this system,” Roberts stated in an email.
Blackbaud was hit in May, but the Auburn foundation and others were not notified until July 16. BBC News reported that British regulators are looking into the incident, including the lag between the incident and Blackbaud’s notification to its customers.
The impact was global. It affected other universities, including Cambridge, Oxford, University of London, Rhode Island School of Design, West Virginia University and Middlebury College, plus charities including Human Rights Watch and the American Civil Liberties Union.