In July 2020, the company, which provides hundreds of non-profits and educational facilities with customer relationship management services, disclosed that they had suffered a ransomware attack. More than 120 education and third-sector organisations may have had their data compromised.
The attack took place in February 2020 and was discovered in May 2020 when many of the affected organisations were already reeling from the disruption caused by the COVID-19 pandemic.
The attackers took over the company's servers, encrypted some sets of data and took a copy of a subset of data before they were locked out of the company's systems. The company admitted that they had paid out an undisclosed amount of money in order to retrieve that data which they confirmed did not include bank account or payment card details. However, in some cases it did involve donors details such as names, ages, addresses, estimated wealth / identified assets, past donations and likelihood to make a bequest triggered by their death.
If you'd rather we did the heavy lifting in developing a cyber incident response plan or lessons learnt training for your organisation underpined by our unique insight into the challenges faced and strategies implemented by organisations countering today's cyber security threats then please contact us here.