Longs Peak Hospital Foundation shares info about Blackbaud Security Incident


Longmont, Colo. (Sept. 11, 2020)

The Longs Peak Hospital Foundation was recently informed by Blackbaud, a third-party service provider, of a security incident that impacted data held by the company on its servers. Blackbaud provides data hosting services for hundreds of nonprofits globally, including large numbers of hospital foundations and universities.

Blackbaud states it discovered and stopped a ransomware attack on its servers in May, 2020. Before the attack ended, the cybercriminal was able to download a subset of data held on its servers. Data from Longs Peak Hospital Foundation donors and potential donors may have been included in this data.

The data impacted may have included names, addresses, dates of birth, email addresses and donation gift information such as the date and amount of a donation made to the Foundation. Blackbaud affirmed that credit card data, Social Security numbers, medical information and bank account information were not accessible to the cybercriminal.

Blackbaud indicated that, based on the nature of the incident, their research and an investigation that included law enforcement, they have no reason to believe that any data was disseminated by the cybercriminal, was or will be misused; or will be distributed. Blackbaud has also taken additional steps to protect its servers and the data they hold to prevent this type of attack from happening again.

The Longs Peak Hospital Foundation values its donors, and protecting their data is a top priority. Though we have no reason to believe the Blackbaud data was disclosed to more than the cybercriminal or was misused in any way, we are sharing this security incident so donors may protect themselves by watching for any suspicious activity or possible identity theft. Though we believe the risk of identity theft is very low, as a best practice, we recommend you remain vigilant and promptly report any suspicious activity or suspected identity theft to the proper law enforcement authorities. You can get information from the Federal Trade Commission at www.ftc.gov/idtheft or by calling 877.ID-THEFT (877.438.4338). You can also contact the national credit reporting agencies at:

Equifax
1-866-349-5191
www.equifax.com
P.O. Box 740241
Atlanta, GA 30374

Experian
1-888-397-3742
www.experian.com
P.O. Box 2002
Allen, TX 75013

TransUnion
1-800-888-4213
www.transunion.com
P.O. Box 2000
Chester, PA 19016

We apologize for the concern and inconvenience this incident may cause, and we remain committed to safeguarding our donors’ information.

For more information, please see Blackbaud security incident.

To contact the Longs Peak Hospital Foundation, please reach out to Executive Director Erica Siemers at 970.237.7402 or Erica.Siemers@uchealth.org.