Posted on August 17, 2020
The message below relates to a data security incident involving one of our third-party service providers, Blackbaud. The breach included accessing donor data from numerous nonprofit organizations, and educational institutions around the world, including YWCA Madison.
On July 16, 2020, we were contacted by Blackbaud, one of the world’s largest software companies and a third-party data management provider (donor information and event registration) for YWCA Madison. Blackbaud informed us that in May 2020 they discovered they were a victim of a ransomware attack. The breach happened between February 7 to May 20, 2020. Unfortunately, the cybercriminals were able to copy a subset of data from a number of their clients, including YWCA Madison.
Unfortunately, the criminal was able to remove a portion of the data stored on the company’s servers, which included some information about you and other donors, such as donations, street addresses, or phone numbers. Sensitive data — such as credit card data, or bank account information — was not affected. Blackbaud has obtained confirmation that the stolen data was destroyed and has no reason to believe the information was or will be misused or made publicly available.
We do not feel there is a need for any member of our community to take action at this time, yet we recommend that all remain observant and report any suspicious activity or suspected identity theft to the proper authorities. YWCA Madison takes your privacy very seriously, and we will continue to work diligently to protect your personal information. We also value transparency and your trust. You may visit Blackbaud’s website to learn more about the Blackbaud data breach.
If you have additional questions, please contact Jill W. Pfeiffer, Development and Marketing Director at YWCA Madison at firstname.lastname@example.org