This @blackbaud situation is an absolute mess, here's just the tip of the iceberg - stuff I've commented on or been sent personally:
Firstly, they got ransom'd but sounds like the actor also had a copy of the data. They paid the ransom and somehow believe that the (criminal) actor kindly removed their copy of the @blackbaud data: https://twitter.com/troyhunt/status/1287942078584954881
This incident has cascaded down to *heaps* of customers who've now had to do their own breach disclosures. For example, the @boyscouts:
And @AberUni:
There's also @UniOfHull:
And @robertgordons:
And @HeriotWattUni:
As for @blackbaud's disclosure notice, it's extremely poor. The entire first para is dedicated to normalising hacking: "all the other kids are dealing with hackers too" https://www.blackbaud.com/securityincident
The notice then somehow - *magically* - concludes (with much hubris) about how top-notch their cyber-things are:
This just reads like the PR people waxing lyrical and I'm sympathetic to the technical folks at @blackbaud that are having to deal with this whilst palming their faces at the company's communication style 🤦‍♂️
You can follow @troyhunt.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled:
Those who think consciousness raising & movement building are disconnected, or even a distraction from electoral politics have not paid attention to the history of social change.In this thread, we
Read more
The 2020s will be known as the Remote Work decadeA few predictions of what is likely to emerge[ a thread ] Third Space: Office and Working from Home will
Read more
1/29: Have you ever had a concept explained to you that helps frame complex issues you’ve been wrestling with and opens your eyes to new possibilities? A concept that I
Read more
By continuing to use the site, you are consenting to the use of cookies as explained in our Cookie Policy to improve your experience.