Report to Union donors

RICHMOND, VA (September 15, 2020) – Union Presbyterian Seminary has been using Blackbaud, a database company to maintain our donor records for the past 50 years. We are among thousands of higher education and nonprofit institutions subscribing to Blackbaud’s services.

Several of Blackbaud’s servers were compromised by a ransomware cybercriminal back in May. We contacted our Blackbaud representative and were told that our “Boston” server was not directly affected by the hack. However, since it was an attack on their cloud servers, we were being notified.

To be clear, we do not store donors’ credit card numbers, banking information, or social security numbers in our database. Further, to reiterate, the server containing the Seminary’s donor information was not attacked nor compromised. Blackbaud notified law enforcement on July 15, two months after the incident occurred, and are communicating with state attorney general offices who are evaluating the incident. As part of the state attorney generals’ inquiry, Blackbaud has been asked to provide the name of organizations whose data is stored on all their servers. The Seminary is one of those organizations. Even though the Seminary’s database was not directly involved in the attack, to be transparent, we are notifying all our donors.

Here is a summary of the incident as reported by Blackbaud on July 15:

In May of 2020, we discovered and stopped a ransomware attack. In a ransomware attack, cybercriminals attempt to disrupt the business by locking companies out of their own data and servers. After discovering the attack, our Cyber Security team—together with independent forensics experts and law enforcement—successfully prevented the cybercriminal from blocking our system access and fully encrypting files; and ultimately expelled them from our system. Prior to our locking the cybercriminal out, the cybercriminal removed a copy of a subset of data from our self-hosted environment. Because protecting our customers’ data is our top priority, we paid the cybercriminal’s demand with confirmation that the copy they removed had been destroyed. Based on the nature of the incident, our research, and third party (including law enforcement) investigation, we have no reason to believe that any data went beyond the cybercriminal, was or will be misused; or will be disseminated or otherwise made available publicly. The subset of customers who were part of this incident have been notified and supplied with additional information and resources. We apologize that this happened and will continue to do our very best to supply help and support as we and our customers jointly navigate this cybercrime incident.

At Union Presbyterian Seminary, keeping donors’ information secure is one of our top priorities. If you have any questions concerning this incident, please do not hesitate to contact: Richard Wong, Vice President Advancement, rwong@upsem.edu, (804)201-6024.