A vendor recently notified Americares of a data security incident involving donor information from Americares and several other nonprofit clients.
Blackbaud, a contractor that manages donor records and engagement, notified Americares on July 16 of a cyberattack. According to Blackbaud, the cybercriminal copied data from many clients, including Americares, during an incident discovered by the vendor in May. The attack did not specifically target the Americares donor database.
At Americares, data security and privacy are of the utmost importance. We immediately launched an internal investigation to find out which files were accessed and have been in frequent contact with Blackbaud about the actions they are taking to prevent similar incidents in the future. Blackbaud has informed Americares that it has taken steps to strengthen its protection of personal information, including updating its network security controls and email system, and it will continue to closely monitor and take further steps as appropriate to safeguard such information. Additional information on the incident is available on Blackbaud’s website.
Blackbaud has confirmed that no encrypted information such as bank account information or credit card numbers, was compromised during the incident. For the protection of our donors, this information is processed on a separate encrypted platform.
Americares donor records may include names, addresses, phone numbers, donation dates and amounts, and participation in Americares events. It is important to note that not all records include all of this information.
While Americares has no indication that its donor data was misused, we value transparency and are notifying donors to inform them of the incident.
Should donors have any further questions or concerns regarding this matter, please contact our Donor Relations Team at (203) 883-1451 or firstname.lastname@example.org.