Blackbaud Security Statement

BVU alumni and friends,

On July 16, 2020, Buena Vista University was notified by one of our service providers, Blackbaud, that the company had been the victim of a ransomware attack. Blackbaud is one of the world’s largest providers of customer relationship management systems for not-for-profit organizations and the higher education sector. The cybercriminal was able to remove a copy of a subset of constituent data from several of Blackbaud’s clients, including BVU.

Blackbaud confirms its investigation found that no encrypted information, such as Social Security numbers, bank account, and credit and debit card information, was accessible. However, data accessed by the cybercriminal may have contained public constituent information such as name, title, date of birth, spouse, phone numbers, and email addresses.

Blackbaud also confirms that to protect constituent data and mitigate potential identity theft, it met the cybercriminal’s ransomware demand, paid the ransom, and received assurances from the cybercriminal and third-party experts that the data was destroyed. Blackbaud has been monitoring the web in an effort to verify the data accessed by the cybercriminal has not been misused.

We do not believe there is a need for you to take any action at this time. As a best practice, we recommend that you remain vigilant and promptly report any suspicious activity or suspected identity theft to the proper authorities.

If you have any questions, please contact us at alumni@bvu.edu.

We deeply regret any inconvenience this data breach of Blackbaud’s system may have caused. Please be assured we take data protection very seriously and are grateful for the continued support of our alumni and friends.

Regards,

Gary Klein
Vice President | University Development and Alumni Engagement
Buena Vista University