AIDS Foundation of Chicago (AFC) and Center for Housing and Health (CHH) was recently made aware of a data security incident impacting Blackbaud, the company that provides database systems to many nonprofits throughout the country, including AFC and CHH. AFC Housing Assistance was also impacted by this incident. We take transparency, protection and proper use of your company’s information very seriously. We are therefore contacting you to explain the incident with the information provided by Blackbaud and our research.
What happened
Blackbaud notified us they discovered and stopped a ransomware attack on their company that impacted AFC, CHH, and many other nonprofit organizations. After discovering the attack, the service provider’s cyber security team — together with independent forensics experts and federal law enforcement — successfully prevented the cybercriminal from blocking their system access and fully encrypting files, and ultimately expelled the cybercriminal from their system. Prior to locking the cybercriminal out, the cybercriminal was able to copy a backup file of AFC’s and CHH’s and other nonprofit databases in their system, which contained some of your or your company’s information as an AFC or CHH vendor. Blackbaud informed us that this information was removed and destroyed after the ransom was paid.
What information was involved
It’s important to note that the cybercriminal did not access your credit card information, bank account information, EIN/Tax ID or Social Security Number. However, we have determined that the file removed may have contained your company’s contact information, business information, and a history of your company’s relationship with our organization.
What we are doing
Though we have no reason to believe your data has been or will be misused, we are notifying you as a best practice, and so that you can take additional steps to protect your company. As part of their ongoing efforts to help prevent future data security incidents, Blackbaud informed us they have already implemented several changes that will protect your company’s data from any subsequent incidents. AFC will continue to monitor the situation and gather information from Blackbaud as they learn more.
What you can do
You can find more information on the breach here. Data security is of the utmost importance to AFC, so we will continue to work with Blackbaud to understand how they plan to defend against similar attacks in the future. As always, we recommend you promptly report any suspicious activity to the proper law enforcement authorities.
Should you have any further questions or concerns regarding this matter, please do not hesitate to contact AFC at 312-922-2322 or [email protected].
Thank you for all your support of AFC and for your patience as we manage this unprecedented situation.
Sincerely,
John Peller
President/CEO
