[BreachExchange] Smithsonian confirms that its donor data was potentially breached in ransomware attack

Destry Winant destry at riskbasedsecurity.com
Thu Sep 3 10:22:38 EDT 2020


https://www.theartnewspaper.com/news/smithsonian-confirms-that-its-donor-data-was-potentially-breached-in-ransomware-attack

The Smithsonian Institution and the Parrish Art Museum confirmed today
that they were among the hundreds of organisations potentially
affected by a ransomware attack earlier this year on a third-party
software company in South Carolina that logs their data regarding
fundraising and donors.

The hack on the systems of the software company, Blackbaud, gave an
intruder access to information about donors and other constituents,
including names, US addresses, phone numbers, summaries of donations
and for some individuals, dates of birth, the Smithsonian says. The
institution says it has begun notifying people linked to the
Smithsonian whose information may have been accessible.

Previous news reports have identified other organisations whose data
was potentially compromised as UK’s National Trust, Human Rights
Watch, dozens of charities and universities in the UK and US, and the
Corning Museum of Glass in New York.

The Smithsonian emphasises that the incident did not result in the
exposure of any credit card information, Social Security numbers or
banking information, saying that it does not collect or store this
type of data.

Blackbaud says that after discovering the attack on its systems in
May, it paid the hacker or hackers the ransom demanded, which it did
not disclose. “We have no reason to believe that any data went beyond
the cybercriminal, was or will be misused; or will be disseminated or
otherwise made available publicly,” the software company adds.

The Smithsonian says it was informed of the data breach on 16 July,
just as other institutions were being alerted, and recently reached
out to donors. “Based on the nature of the incident, Blackbaud assured
us that any stolen data has been destroyed by the unknown actor and
stated they do not believe any data was disseminated or otherwise made
available publicly by the unknown actor,” the Smithsonian says. “We
will continue to investigate to confirm Blackbaud’s assurances and
better understand what occurred.”

The potential compromising of Smithsonian and Parrish Art Museum data
was first reported by artnet News. Both the Smithsonian and the
Parrish, in Water Mill, New York, subsequently confirmed the exposure
of their data in emails to The Art Newspaper.


More information about the BreachExchange mailing list