The Doug Flutie, Jr. Foundation for Autism (Flutie Foundation) was recently notified of a data security incident from one of our vendors, Blackbaud, involving donor information from the Flutie Foundation and other of Blackbaud’s clients. Blackbaud is one of the world’s largest providers of education administration, fundraising, and financial management software for nonprofits. The Flutie Foundation utilizes Blackbaud’s customer/donor management database. The attack did not specifically target any particular organization’s database.
Blackbaud was the target of a ransomware attack this summer, and as a result, the hackers obtained some personally identifying information about thousands of Blackbaud’s nonprofit clients’ donors, including those of Flutie Foundation. Blackbaud — together with forensics experts and law enforcement — expelled the cybercriminals from its system. Prior to their expulsion, the cybercriminals did, however, remove a copy of a subset of data. This data may have included name, postal address, email address, phone number, donation dates and amounts, participation in Flutie Foundation events, and demographic data. Not all donor records contained all of this information. Additional information on the incident is available on Blackbaud’s website.
Please know that no credit card or bank information was compromised in this breach. Flutie Foundation does not keep this information in our database and for the protection of our donors, this information is processed on a separate, encrypted platform.
The Flutie Foundation is working to verify that Blackbaud is taking all corrective measures necessary and is taking steps to prevent future security incidents.
While the Flutie Foundation has no indication that any donor data was misused, we value transparency and are providing this information to inform you of the incident. If you have any questions or concerns, please call us at 508-270-8855 or email us at firstname.lastname@example.org.