CHAPEL HILL, N.C. (WNCN) – Information on donors to the University of North Carolina System may have been compromised during a ransomware attack two weeks ago on a third party the system works with, a news release said Thursday.
Blackbaud — a private company contracted to provide relationship-management services for the UNC System and several constituent institutions — notified the system on July 16 that it had discovered that, in May, it had been the victim of a ransomware attack, the release said.
The company found that the intruders took a copy of a subset of information relevant to several of its customers. Intruders may have been able to access donors’ names, addresses, birthdays, phone numbers, email addresses, and giving history, the release said.
Encrypted data — including Social Security numbers, bank account and payment card information — was not readable to the intruders, Blackbaud told the UNC System.
Blackbaud also said it has reason to believe the intruders no longer have access to the data and didn’t pass it along to anyone else, the release said.
“We will continue to seek additional information from Blackbaud to determine the full extent and impact of this incident,” the release said.
Blackbaud is one of the largest providers of relationship-management systems. The incident has impacted higher-education institutions, health care organizations, nonprofit organizations, and more.