Educause Security Discussion mailing list archives
QuickTalk follow up: Responses from Blackbaud
From: Brian Kelly <bkelly () EDUCAUSE EDU>
Date: Wed, 12 Aug 2020 19:06:05 +0000
Blackbaud committed to answering your questions during the EDUCAUSE and REN-ISAC July 28th QuickTalk, and has had 1:1 conversations with many of its customers. For those of you who attended the recent QuickTalk about Blackbaud’s Security Incident, thank you. In response to that discussion, Blackbaud has developed responses to three of the most discussed topics. 1. How can I request a copy of my data involved in the security incident? * Please contact your Blackbaud representative. While we initially thought the fastest route to the information was self-service for those who were involved, we have added new options for those who need more assistance based on customer feedback. 2. How confident is Blackbaud that this situation has been remediated? * We have no reason to believe that any data went beyond the cybercriminal, was or will be misused, or will be disseminated or otherwise made available publicly. 3. What is Blackbaud doing in response to this incident? * Our teams were able to quickly identify the vulnerability associated with this incident and took swift action to fix it. We have confirmed through testing by multiple third parties, including the appropriate platform vendors, that our fix withstands all known attack tactics. Additionally, we are accelerating our efforts to further harden our environment through enhancements to access management, network segmentation, deployment of additional endpoint and network-based platforms. We continue to monitor for posts that may contain information from the incident. Should you have any follow-up questions or questions related to your specific institution, please contact your Blackbaud Customer Success Manager. More information can also be found on the secure landing page Blackbaud provided to customers who were part of the incident. And for others, you can visit www.Blackbaud.com/securityincident<http://www.blackbaud.com/securityincident>. We encourage REN-ISAC members looking for more information about the Blackbaud security incident to review the post to the REN-ISAC Discussion email list. If you are not a REN-ISAC member and wish to see this information, please contact info () ren-isac net<mailto:info () ren-isac net> or contact your Blackbaud Customer Success Managers. More information can also be found on the Blackbaud website<https://www.blackbaud.com/security>. Brian Brian Kelly, CISSP, CISM, CEH Director, Cybersecurity Program EDUCAUSE Uncommon Thinking for the Common Good Follow HEISC on LinkedIn<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.com%2Fshowcase%2Fhigher-education-information-security-council-heisc-%2F&data=02%7C01%7C%7C7197d41189e4414981ae08d69dc9670a%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C0%7C636869885680898966&sdata=%2FYvU%2BLTYHbPmcyL1AoksiKTSdMeFQ93qASFmTp8Emmo%3D&reserved=0> | Twitter: @HEISCouncil | bkelly () educause edu<mailto:bkelly () educause edu> direct: 720.406.6757 | mobile 475.449.6440 | educause.edu<http://www.educause.edu/> 1150 18th Street, NW, Suite 900 Washington, DC 20036 ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- QuickTalk follow up: Responses from Blackbaud Brian Kelly (Aug 12)