The College of the Canyons Foundation database of alumni and donors was caught up in a recent ransomware attack on Blackbaud, the college’s technology provider, according to Foundation officials.
In late July, California State University, Northridge administrators informed donors, alumni and friends that they may have been affected by a massive security breach.
COC Foundation CEO Cathy Ritz sent the following letter to donors on its email list on Friday:
Trust is a core value of the College of the Canyons (COC) Foundation. We take very seriously the importance of protecting the personal information entrusted to us by members of our community. That’s why we were troubled to learn that Blackbaud, the database software provider we use to maintain alumni, community member and donor information, experienced a ransomware attack. While Blackbaud doesn’t believe that your information was misused in any way, we’re writing to inform you about this and to outline steps we’re taking.
Blackbaud is one of the world’s largest software providers to universities, schools, charities, and other nonprofit organizations and offers data management services for the COC Foundation. On July 16, 2020, Blackbaud notified us that in May 2020 they had discovered – and stopped – a ransomware attack on their computer systems.
Blackbaud’s notification provided general information indicating that COC Foundation data was potentially impacted. COC immediately began working to obtain additional information from Blackbaud to confirm the scope of the incident.
On August 10, 2020, Blackbaud confirmed that COC Foundation data was accessible by the cybercriminal.
To protect against further compromise of customers’ data and to mitigate potential identity theft, Blackbaud met the cybercriminal’s ransomware demand. Blackbaud reports they received confirmation that the cybercriminal destroyed the copied data in exchange for the ransomware payment.
Blackbaud stated that they “have no reason to believe that any data went beyond the cybercriminal, was or will be misused, or will be disseminated or otherwise made available publicly.” They base this on the type of incident, their research, and the involvement of law enforcement and cybersecurity experts. In addition, Blackbaud hired a third-party team of experts to monitor the dark web as an extra precautionary measure, which Blackbaud intends to continue indefinitely on a 24/7/365 basis.
What information was involved?
It’s important to note that the cybercriminal did not access your credit card information, bank account information or social security number. Notably, the COC Foundation does not store that information in the Blackbaud database (or anywhere else).
However, we have determined that the file removed may have contained your contact information, employer information, gender and date of birth, spouse’s identity, and a history of your relationship with our organization, such as event participation and record of giving.
What are we doing about the situation?
We’re continuing to take measures to understand the full scope of this attack and to protect the personal information of our donors. We believe it is important to inform our donors of the Blackbaud incident so we can all stay vigilant as we seek additional information from Blackbaud regarding:
* Why there was a delay between incident discovery and notification to all those affected
* Why they’re confident the cybercriminals won’t misuse or disseminate the data they seized
* The additional security measures they’ve put in place since the incident and any additional measures they plan to implement
What you can do
We want to emphasize again that no credit card, bank account, or other information of that nature was compromised because the COC Foundation does not store that information in the Blackbaud database. However, as a best practice, data security experts recommend that individuals remain vigilant by reviewing their account statements and credit reports closely and reporting any suspicious activities.
* If you receive unsolicited requests for donations from us or other nonprofits, please call the number on the organization’s website to confirm the legitimacy of the solicitation.
* Obtain a free copy of your credit report from each of the three major credit reporting agencies once every 12 months by visiting http://www.annualcreditreport.com.
* If you detect any suspicious activity, promptly notify the financial institution or company where the account is maintained. You also should report any fraudulent activity or suspected incidence of identity theft to law enforcement authorities, your state attorney general, and/or the Federal Trade Commission.
You can learn more about this data incident at https://www.blackbaud.com/securityincident.
We deeply regret any worry or inconvenience this incident may cause you.
If you have any further questions or concerns regarding this matter, please don’t hesitate to contact us at firstname.lastname@example.org or 661-362-3434 (M-F 8 a.m.-5 p.m. PST).
Thank you so much for your involvement in and support of College of the Canyons. We’ll keep you informed of any further developments about this incident if and when they arise.
Chief Operating Officer