Blackbaud, Inc., a third-party service provider of Texas Oncology Foundation, informed us on July 16 that it discovered and stopped a ransomware attack on its system that occurred beginning February 7, 2020 and could have intermittently continued until May 20, 2020. After discovering the attack, Blackbaud, together with independent forensics experts and law enforcement, successfully prevented the cybercriminal from blocking system access and fully encrypting files; and ultimately expelled them from its system. However, the attacker was able to remove a copy of a subset of Blackbaud client data, which may have included information maintained by the Foundation through Blackbaud in connection with our event registration system.
What Information Was Involved:
We take the protection and proper use of the personal information of our donors, volunteers and event attendees very seriously and would like to share the information Blackbaud provided to us.
Blackbaud stated that, during this attack, no credit card information, bank account information, or social security information was compromised. If data was accessed, it may have included personal contact information like name, title, age, gender, phone number, email address, donor history, and information submitted in connection with event registration. This information may have also included a reference to a medical condition or diagnosis if the event registrant voluntarily included such information on the registration. Texas Oncology Foundation, Inc., is a separate entity from Texas Oncology, P.A., and no Texas Oncology protected health information is included in the Foundation database.
What We Are Doing:
The Foundation is conducting a review of the potentially affected accounts and systems, and we have taken steps to protect data from further unauthorized access. We are also closely working with IT experts and legal counsel to properly address and continue to monitor the incident.
We also remain in contact with the affected service provider, Blackbaud. Blackbaud agreed to pay the attackers to delete the information and believes that such information was destroyed. Blackbaud has undergone a thorough investigation, with the assistance of law enforcement, confirming that no encrypted information was accessible in the attack. Blackbaud is closely monitoring the Internet to verify that no data is misused, disseminated or otherwise made public. As part of their ongoing efforts to help prevent something like this from happening in the future, Blackbaud assures us that it has already implemented several changes that will protect data from any subsequent incidents. While Texas Oncology Foundation was not the target of this cyber security incident, we believe it is important to always remain vigilant and are reviewing all of our data security practices and our relationships with third-party vendors.
What You Can Do:
We do not believe it is necessary for any of our donors, event registrants or volunteers to take any further action at this time, but we want you to be aware of this incident. We are not aware of any instances of fraudulent activity connected to the Foundation’s data; however, as a precautionary measure, we encourage you to monitor your online and financial activity and report anything suspicious. Please review the attachment to this letter (Steps You Can Take to Further Protect Your Information) for further information on protecting your information.
For More Information:
For further information and assistance, please contact the Foundation at 972.490.2930 or firstname.lastname@example.org.
Steps You Can Take to Further Protect Your Information:
Review Your Account Statements and Notify Law Enforcement of Suspicious Activity
As a precautionary measure, we recommend that you remain vigilant by reviewing your account statements and credit reports closely. If you detect any suspicious activity on an account, you should promptly notify the financial institution or company with which the account is maintained. You also should promptly report any fraudulent activity or any suspected incidence of identity theft to proper law enforcement authorities, including your state attorney general and the Federal Trade Commission (FTC).
To file a complaint with the FTC, go to IdentityTheft.gov or call 1-877-ID-THEFT (877-438-4338). Complaints filed with the FTC will be added to the FTC's Identity Theft Data Clearinghouse, which is a database made available to law enforcement agencies.
Obtain and Monitor Your Credit Report
You may also obtain a free copy of your credit report from each of the three major credit reporting agencies once every 12 months by visiting http://www.annualcreditreport.com, calling toll-free 877-322-8228, or by completing an Annual Credit Report Request Form and mailing it to Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA 30348. You can access the request form at https://www.annualcreditreport.com/requestReport/requestForm.action. Or you can elect to purchase a copy of your credit report by contacting one of the three national credit reporting agencies. Contact information for the three national credit reporting agencies for the purpose of requesting a copy of your credit report or for general inquiries is provided below:
P.O. Box 740241
Atlanta, GA 30374
P.O. Box 4500
Allen, TX 75013
2 Baldwin Place
P.O. Box 1000
Chester, PA 19016
Take Advantage of Additional Free Resources on Identity Theft
We recommend that you review the tips provided by the Federal Trade Commission on how to avoid identity theft. For more information, please visit IdentityTheft.gov or contact the Federal Trade Commission at:
Consumer Response Center
600 Pennsylvania Avenue, NW
Washington, DC 20580
(877) IDTHEFT (438-4338)