Monday, July 15, 2024

UNCW reports ransomware attack, hackers accessed donor details but no financial info

University of North Carolina Wilmington. (Port City Daily photo / BENJAMIN SCHACHTMAN)
University of North Carolina Wilmington. (Port City Daily photo / BENJAMIN SCHACHTMAN)

WILMINGTON — The University of North Carolina Wilmington’s fundraising division sent out notifications this week that a data breach had exposed the data of past and potential donors — although the University said it believed no personal data had been misused.

In emails sent Wednesday morning, UNC Wilmington stated that Blackbaud, a private cloud-based company that assists schools and non-profits, had informed the University of a ransomware attack that affected UNCW’s Division of University Advancement (DUA).

In the data breach, information that may have been accessed by hackers included “names, physical addresses, history of gifts made to UNCW, phone numbers, and email addresses.” The information was limited to data stored online by DUA and included donors and potential donors, including students, parents, and employees.

UNCW said the information did not include financial information like “credit card information, bank account information, or social security numbers.”

Blackbaud reported that in May 2020 the company discovered and stopped a ransomware attack. These attacks involve criminal attempts to lock companies out of their own systems, often threatening to steal or destroy information unless they are paid a ransom.

The company said it prevented ‘cybercriminals’ from blocking or encrypting files, but not before they copied data from Blackbaud’s server. The company paid the criminals demand in exchange for confirmation that the copied data had been destroyed. Blackbaud said neither its own research ot law enforcement investigation revealed evidence that the data ‘was or will be misused.’

“Prior to our locking the cybercriminal out, the cybercriminal removed a copy of a subset of data from our self-hosted environment. The cybercriminal did not access credit card information, bank account information, or social security numbers. Because protecting our customers’ data is our top priority, we paid the cybercriminal’s demand with confirmation that the copy they removed had been destroyed. Based on the nature of the incident, our research, and third party (including law enforcement) investigation, we have no reason to believe that any data went beyond the cybercriminal, was or will be misused; or will be disseminated or otherwise made available publicly,” according to Blackbaud.

UNCW said it did not believe the data breach had created any ‘vulnerabilities’ for anyone exposed.

“This security incident should not create any vulnerabilities for you; however, we regret that it occurred and, out of an abundance of caution, wanted to make you aware. We will continue to work with Blackbaud to confirm they take the necessary steps to minimize any impact. We take the protection of your information very seriously and encourage you to remain vigilant, as always, to the threat of identity theft,” UNCW wrote its Wednesday morning email.

Related Articles