Estimated reading time: 1 minute, 0 seconds

B’BAUD SETTLES WITH CALIFORNIA Featured

 

Blackbaud has reached a settlement with the state of California stemming from a 2020 ransomware attack on the company’s data that drew a February statement from the Federal Trade Commission referring to “Blackbaud’s shoddy security and data retention” policies.

It also drew a flurry of litigation after Blackbaud paid the ransom and then downplayed the seriousness of the event. The nonprofit software company agreed to pay California $6.75 million and not to make misleading statements about its data protection. In October, Blackbaud agreed to pay 49 states and the District of Columbia $49.5 million to settle a separate action and has paid $3 million to the SEC. The cases mean Blackbaud blew through its insurance coverage and was on the hook for the rest of the expenses. In the cases, Blackbaud did not admit to any wrongdoing. However, the FTC announcement was the most stinging descriptions saying Blackbaud failed to monitor hacker attempts to breach its networks, segment data to prevent them from easily accessing its networks and databases, ensure unneeded data tis deleted, adequately implement multifactor authentication, and test, review and assess its security controls. It also allowed employees to use default, weak, or identical passwords, according to the FTC.

Read 512 times
Rate this item
(0 votes)

Visit other PMG Sites:

PMG360 is committed to protecting the privacy of the personal data we collect from our subscribers/agents/customers/exhibitors and sponsors. On May 25th, the European's GDPR policy will be enforced. Nothing is changing about your current settings or how your information is processed, however, we have made a few changes. We have updated our Privacy Policy and Cookie Policy to make it easier for you to understand what information we collect, how and why we collect it.