Western University recently learned that a third-party service provider – Blackbaud, one of the world’s largest customer relationship management (CRM) providers – has experienced a ransomware attack that impacted many of its clients around the world, including Western.
Western uses Blackbaud’s customer relationship management product to manage alumni, donor, and organization data, and to communicate with various members of our community. Financial data such as banking or credit card information was not impacted.
Blackbaud has informed Western that a ransom was paid by Blackbaud, that the cybercriminal confirmed copies removed were destroyed, and that research by Blackbaud and third-party investigators (including law enforcement) shows no evidence that the data has been shared by the cybercriminal.
In order to further mitigate risks, Blackbaud has hired a forensic firm to monitor the internet and dark web for any signs of the breached data.
We are confirming with Blackbaud what Western data was involved. Data accessed by the cybercriminal may have contained information such as name, date of birth, contact information, donations or engagement with the university.
Social insurance, credit card and banking data is not maintained in Western’s Blackbaud CRM database and therefore was not affected by the data breach.
The privacy of our students, alumni, employees and all the partners we work with is of utmost importance to Western. Since learning of the breach, we have taken the following steps to protect our community:
- We are immediately notifying all affected parties directly.
- We have informed the Information and Privacy Commissioner and will continue to work closely with their office.
- We are working closely with Blackbaud to understand why this happened, what data is impacted and what actions they are taking to increase their security.
- For the time being, we have suspended the use of our Blackbaud CRM system.
We will continue to work closely with Blackbaud to address this issue, put further security measures in place and update our community, including advising on any proactive measures they can take to remain vigilant and report any suspicious activity.
We very much regret the inconvenience that this issue may cause. We are here to address questions or concerns. Community members can contact the Western team by emailing breachresponse@uwo.ca. We have also opened a dedicated phone line from July 27 to 30, 9:30 a.m. to 4:30 p.m.: 1-800-258-6896 or 519-661-2199.