Cyber Incident Victim: Planned Parenthood
Date:
May 2020
Location:
United States of America
Summary
A ransomware attack targeting Blackbaud, a provider of donor management software, compromised personal information of Planned Parenthood donors and other nonprofits. Exposed data included names, contact details, birth dates, and spouse information, though financial records and Social Security numbers remained secure. Blackbaud collaborated with law enforcement and cybersecurity experts following the breach, asserting that the stolen data was recovered and measures were implemented to prevent future incidents. The breach impacted multiple institutions relying on Blackbaud's services, with the organization confirming transparency in communications and adequacy of remediation efforts during subsequent investigations.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In May 2020, Blackbaud, a provider of donor management software to nonprofits and educational institutions, experienced a ransomware attack that compromised donor data from multiple organizations. The breach exposed personal information including names, titles, spouse names, dates of birth, addresses, phone numbers, and email addresses. Financial account details, credit card information, and Social Security numbers were not accessed, as organizations like the Food Bank of Central & Eastern North Carolina confirmed they did not store such data. Planned Parenthood disclosed that most of its state-based affiliates, including those in North Carolina, were impacted by the incident. The UNC System and other higher-education institutions also confirmed their involvement in the breach. Blackbaud stated the attack occurred in May but did not disclose the exact date or method of intrusion.
Affected organizations, including the Food Bank, were notified by Blackbaud in July 2020. The Food Bank hired a data privacy attorney to assess the breach and evaluate Blackbaud’s response, ultimately concluding the company’s actions were thorough and adequate. Blackbaud cooperated with affected clients by sharing incident details and assured them it was working with law enforcement and cybersecurity experts to prevent recurrence. No ransom payment details or attacker identities were disclosed in available reports. The breach’s widespread impact stemmed from Blackbaud’s broad client base, which included nonprofits, educational entities, and healthcare organizations like Planned Parenthood. Organizations issued individual notifications to donors but emphasized no financial data was compromised. No long-term operational disruptions or additional containment measures beyond third-party investigations were reported.