On Thursday, July 16, 2020, New England Conservatory received notification from Blackbaud that it discovered it was subject to a ransomware attack in May 2020. Blackbaud is one of the world’s largest providers of education administration, fundraising, and financial management software for nonprofits.
At NEC, we use a Blackbaud product called Raiser’s Edge NXT to manage and track constituent records and data. The cybercriminal removed data for the purpose of extorting funds from Blackbaud. Based on the nature of the incident, the research performed by Blackbaud and its outside investigators, Blackbaud has told us there is no reason to believe that any data went beyond the cybercriminal; was or will be misused; or will be disseminated or otherwise made available publicly. Blackbaud has hired outside experts to continue monitoring for any such activity.
Blackbaud indicated that the cybercriminal did not gain access to usernames, passwords, or social security numbers because they were encrypted. And, for your protection, the NEC Raiser’s Edge database does not collect or store sensitive information including credit cards numbers or banking information. However, we recommend that all remain observant and report any suspicious activity or suspected identity theft to the proper authorities.
We regret this has taken place and apologize for any concern this may have caused you. We take your privacy very seriously, and we will continue to work diligently to protect your information.
We remain in regular contact with Blackbaud regarding the details of this incident, and we are continuing to monitor their response. Should we receive new or different information, we will provide follow-up information.
If you have any immediate concerns or questions, please contact us at firstname.lastname@example.org.