The George W. Bush Presidential Center was hacked recently and donor information was held for ransom. The stolen, sensitive information was supposedly destroyed after the company that managed the data (and were the ones originally hacked) paid the bounty.
“Blackbaud informed us that it paid a ransom to the attackers in order to obtain confirmation that the compromised unencrypted information has been destroyed,” the Bush Center said in a statement.
“To date, there is no indication that any of the compromised unencrypted information is subject to further disclosure or misuse, and given the intent of the criminals to obtain the payment of the ransom, the Bush Center does not believe there is a high risk that the unencrypted information would be used for other purposes,” the statement said.
From The New York Post:
Data management services provider Blackbaud told the Bush Center on July 16 that it had thwarted the attack in May — but that the cybercriminals “removed a copy of some of the Bush Center’s data regarding donors and other contacts,” the center said in a statement.
According to Blackbaud, Social Security numbers contained in the affected systems were encrypted and the decryption keys were not compromised because they were stored in a different location. Credit cardholder data was not part of the incident because it was stored in a different location.
“However, there was unencrypted, less sensitive information obtained, such as name, birth date, physical and email addresses, telephone numbers, gender and giving history,” it added.
Blackbaud said it has “paid a ransom to the attackers in order to obtain confirmation that the compromised unencrypted information has been destroyed.”
Blackbaud acknowledged compensating whoever stole the data but stressed the worst of the breach was likely behind them.
“Based on the nature of the incident, our research, and third party (including law enforcement) investigation, we have no reason to believe that any data went beyond the cybercriminal, was or will be misused; or will be disseminated or otherwise made available publicly,” Blackbaud said in a separate statement. “We apologize that this happened and will continue to do our very best to supply help and support as we and our customers jointly navigate this cybercrime incident.
Social Security numbers of donors were stolen as well, according to the Bush Center. That data was encrypted, however, and the decryption keys needed to decipher it was stored separately and not stolen, the center said.
— CNN Politics (@CNNPolitics) July 31, 2020