Ftc orders blackbaud to boost security after massive data breach
What happened
In may 2020 blackbaud a company providing software for managing donor data suffered a ransomware attack that exposed the sensitive information of millions of people
The ftc investigation found that blackbauds security practices were inadequate allowing the hackers to gain access to the data additionally the company retained data for longer than necessary increasing the potential impact of the breach
Blackbaud initially downplayed the severity of the breach and misled customers about the extent of the stolen data
Ftcs response
The ftc charged blackbaud with unfair and deceptive practices related to its data security and retention policies
In january 2024 blackbaud settled with the ftc agreeing to