The ransomware event and subsequent data breach that impacted Blackbaud, one of the nation’s largest providers of fundraising database and support services for health care organizations, may have contained donor records from the Riverside Foundation, Riverside Health System announced today.

Blackbaud, a vendor for the Riverside Foundation, informed Riverside on July 16, 2020 that it had discovered and stopped the ransomware event that occurred in May 2020, impacting many other health care organizations across the country.

Although the ransomware event was identified and stopped, a file containing limited data had been accessed by the attacker. Blackbaud paid the cybercriminal’s ransom and according to Blackbaud, the data was permanently destroyed. Blackbaud assured the Riverside Foundation they have corrected the exposure that allowed the security incident.

In accordance with HIPAA and HITECH regulations, Riverside is notifying the impacted individuals by either mail or email with further details about the incident.

Riverside does not store any credit card information, bank account information, or Social Security numbers in the database, so this information was not compromised in any way.

The information compromised during this incident included contact information (name, address, phone number, email), demographic information (date of birth), and a history of donor relationships with the Riverside Foundation.

“The Riverside Foundation remains fully committed to maintaining the privacy of personal information in its possession,” said Kristen Beam Witt, the Executive Director of the Riverside Foundation.

For more information from Blackbaud, visit blackbaud.com/securityincident or contact blackbaud@rivhs.com or call 1-833-385-1309.

Visit riversideonline.com/foundation/Blackbaud-Data-Security-Incident.cfm for more frequently asked questions.

Published: September 14, 2020