Blackbod remains mum about the ransomware attack that has exposed Canadians' personal information

Blackbod remains mum about the ransomware attack that has exposed Canadians' personal information.

Cloud-based provider services for nonprofits, schools, healthcare organizations, faith communities, arts groups, and corporations in five countries say the data stolen four months ago in the ransomware attack may have included unencrypted customer information. Blackbad Inc. entered into a filing with the US Securities and Exchange Commission earlier this week. 

The incident was revealed in July, after a South Carolina-based company said the ransomware attack was discovered and stopped. Before the attackers were ejected, a copy or part of Blackboud's private cloud data was transferred. 

It was thought that Blackbod encrypted all of that data. However, as of the September 29 filing, the company later found out that some areas were unencrypted and may include bank account information, social security numbers, usernames and / or customers' passwords. Customers who were using those areas started being notified. 27. Blackbod's clients in Canada include War Child Canada, Gospel Free Chooch of Canada, Montreal General Hospital Foundation, Mulgrave School in Vancouver, and Western University in London. 

A spokesman for the Montreal General Hospital Foundation said on Friday that it had been told it was not any personal information. 

Western, alumni, donor and organization uses Blackbod's customer relationship management product to manage data and communicate with various members of its community. On 24 July it admitted that it had been a victim of the hack. 

At the time it was stated that data accessed by cybercrime may include names, dates of birth, contact information, donations or engagement with the university. 

In an email on Friday, a university spokesperson said it had not been notified that it was one of the organizations affected by Blackboud's most recent discovery. 

Blackbud is refusing to recognize how many Canadian customers have been informed of their stolen data. "We are not disclosing the total number of customers (or any segment) involved in this incident," the company said in a statement to IT World Canada on Thursday. 

"However, most of Blackboud's global customers were not involved in any way. And our investigation shows that this new information, which we reported yesterday (29 September), only applied to some customers notified on 16 July. Happens. 

"To respect the privacy of our customers, we cannot provide the names of those who were part of this incident nor can we specifically discuss any customer. Customers who were part of the incident have been notified. 

"In July, the BBC named 20 organizations in Canada, U.K. And U.S. Whose clients' personal information was stolen, including Bishop Strachan School of Toronto, a high school; And Ambrose University of Calgary. 

In some cases, the BBC said at the time - prior to the most recent revelation - this personal statement was limited to alumni who were asked to provide financial support from the establishments from which they graduated. But in other cases, it extended to staff, current students and other supporters. 

But some of the stolen data included phone numbers, donation histories, and incidents of individuals participating. Blackboud paid the ransom demand for ransom, confirming that the copy he had extracted was destroyed. 

“Based on the nature of the incident, our research and the investigation of third parties (including law enforcement), we have no reason to believe that any data went beyond cybercrime, or would be misused; Or will be publicized or otherwise made publicly available, ”the company said in a statement on its website. 

Blackboud's products include solutions for fundraising and customer relationship management, marketing, advocacy, peer-to-peer fundraising, corporate social responsibility, school management, ticketing, grants, financial management, payment processing and analytics. 

It has customers in the United States, Australia, Canada, Costa Rica and the United Kingdom. The company's statement said that ransomware and data theft were part of its private cloud. The incident did not involve solutions for public cloud environments (Microsoft Azure, Amazon Web Services) nor its Merchant Services payment service. 

No entire product line or private cloud data center was part of the event, meaning that how one customer was involved may not be the same as another, the company explained. Publicly traded Blackbod has 3,400 employees worldwide. 

According to an annual report filed in February, it had US $ 900 million in revenue and net income of $ 11.9 million during 2019. (This story has been updated from the original to include Western University comments)