Cyber Incident Victim: Enloe Medical Center
Date: Jul 2020
Location: United States of America
Summary
Enloe Medical Center experienced a data breach stemming from a ransomware attack targeting Blackbaud, a third-party service provider. The incident compromised certain personal information of patients and donors, prompting the organization to issue notifications regarding unauthorized access to data stored within Blackbaud's systems. This event was part of a broader cybersecurity incident previously disclosed by the affected vendor, impacting multiple entities reliant on its services.
Description
Enloe Medical Center, a healthcare provider based in California, began notifying patients and donors in September 2020 following a ransomware incident involving Blackbaud, a third-party cloud computing provider. The incident originated when Blackbaud disclosed in July 2020 that attackers had infiltrated their systems and exfiltrated data from multiple clients before deploying ransomware. Enloe utilized Blackbaud’s services for data management, which exposed certain patient and donor information stored within Blackbaud’s environment. The medical center confirmed its data was among the compromised datasets but did not specify whether the attackers directly targeted Enloe’s systems or solely exploited Blackbaud’s infrastructure. Notification letters were issued approximately two months after Blackbaud’s public disclosure, though the exact number of affected individuals remained undisclosed in available reports.

Enloe’s public notification acknowledged the breach involved unauthorized access to Blackbaud’s systems between February and May 2020, during which attackers acquired data containing names, contact details, and limited medical or donation history. The medical center stated it had no evidence that the stolen information was misused beyond the initial exfiltration. Enloe did not detail specific remediation efforts beyond issuing breach notifications and advising affected individuals to monitor their accounts. Blackbaud reportedly paid a ransom to prevent the attackers from leaking stolen data, though Enloe’s notification did not confirm whether this payment applied to their specific dataset. The incident formed part of a broader wave of breaches impacting over 100 organizations globally that relied on Blackbaud’s services, highlighting supply-chain risks in third-party data management. Enloe’s response focused on transparency regarding the compromise while deferring operational specifics to Blackbaud’s investigation.
