Beebe Informs Those Affected by Blackbaud Data Incident

On July 16, 2020, Beebe Medical Center was notified by Blackbaud, a third-party data management company, that it had discovered and stopped a ransomware attack that occurred in May 2020. According to Blackbaud, this ransomware attack began on February 7, 2020, and continued until May 20, 2020. Blackbaud is one of the world’s largest providers of relationship management systems for not-for-profit organizations and the education sector. At this time, Blackbaud’s communications indicated that Beebe data was not impacted. Thereafter, in November 2020, Blackbaud provided additional notification that Beebe data was in fact contained within the impacted database. While Blackbaud prevented the cybercriminal from encrypting Blackbaud data, the cybercriminal was able to remove a copy of a subset of constituent data from several of Blackbaud’s clients, including Beebe Medical Center.

We worked diligently to obtain sufficient information from Blackbaud to ensure that we had a proper understanding of the incident so that we could address any concern raised by our community. This process took significant time and included obtaining a copy of the impacted data from Blackbaud to further investigate the incident. On December 2, 2020, after significant review, Beebe discovered that the personal information of certain individuals may have been contained within the affected Blackbaud database.

Based on Beebe’s investigation, the information potentially impacted as a result of the incident experienced by Blackbaud includes individuals’ name in combination with one or more of the following data elements: date of birth; clinician name; date of screening; visit date; and the department related to medical services. Importantly, no Social Security numbers or financial account numbers were impacted as a result of this incident. 

Blackbaud confirmed that they paid the cybercriminal’s demand and received confirmation that the removed data was destroyed. Additionally, Blackbaud has engaged third-party experts to monitor the dark web to verify that the data accessed by the cybercriminal has not been misused or released and intends to continue such monitoring on an indefinite, 24/7/365 basis. Blackbaud has assured us that they have taken the necessary steps to secure their environment. Nonetheless, out of an abundance of caution, Beebe is providing notice to those potentially affected individuals.

While the information potentially impacted is limited, we recommend as a best practice that you remain vigilant and promptly report any suspicious activity or suspected identity theft to the proper authorities.

Should you have questions or concerns regarding this matter, please do not hesitate to contact 1-833-971-3295 between 9:00 a.m. and 6:30 p.m. Eastern Time, Monday through Friday.  The security of our community’s personal information is of the utmost importance to us and we deeply regret this incident and any inconvenience this data incident of Blackbaud’s system may have caused.

Blackbaud has indicated that they are taking efforts to further secure their environment through enhancements to access management, network segmentation, deployment of additional endpoint and network-based platforms. Additionally, Blackbaud has stated that they are working to expand their use of encryption technologies to further secure all data within the Blackbaud environment.

Please be assured we take data protection very seriously and are grateful for your continued support. Information regarding this Blackbaud incident can also be found at https://www.blackbaud.com/securityincident.

While the impacted information is limited and does not include Social Security numbers, the following information is provided to help individuals wanting more information about steps that they can take to protect themselves:

What steps can I take to protect my private information?

• If you detect suspicious activity on any of your accounts, you should promptly notify the financial institution or company with which the account is maintained. You should also report any fraudulent activity or any suspected incidents of identity theft to law enforcement.
   
• You may obtain a copy of your credit report at no cost from each of the three nationwide credit reporting agencies.  To do so, visit www.annualcreditreport.com or call toll free at 1-877-322-8228. Contact information for the three agencies appears at the bottom of this page.
   
• You can take steps recommended by the Federal Trade Commission to protect yourself from identify theft. The FTC’s website offers helpful information at www.ftc.gov/idtheft.

How do I obtain a copy of my credit report?

You can obtain a copy of your credit report, free of charge, directly from each of the three nationwide credit reporting agencies once every twelve (12) months. To do so, please visit www.annualcreditreport.com or call toll free at 1-877-322-8228. Contact information for the three agencies is included in the notification letter and is also listed at the bottom of this page.

How do I put a fraud alert on my account?

You may consider placing a fraud alert on your credit report. This fraud alert informs creditors of possible fraudulent activity within your report and requests that creditors contact you prior to establishing any accounts in your name. To place a fraud alert on your credit report, contact Equifax, Experian or TransUnion and follow the Fraud Victims instructions. To place a fraud alert on your credit accounts, contact your financial institution or credit provider. Contact information for the three nationwide credit reporting agencies is listed below.

Contact information for the three nationwide credit reporting agencies is as follows: