Cyber Incident Victim: American Museum of Natural History
Date:
Feb 2020
Location:
United States of America
Summary
Hackers accessed personal information of visitors at the American Museum of Natural History, compromising contact details, demographic data, and donation histories. The breach occurred through a third-party system operated by Blackbaud, though financial information such as credit card or bank account data remained unaffected. The involved company stated no evidence suggested the stolen data was further disseminated and engaged external security monitoring to detect potential disclosures.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
The American Museum of Natural History disclosed a data breach in October 2020 involving unauthorized access to visitor information by hackers. The incident occurred between February and May 2020, affecting systems managed by the museum's third-party service provider Blackbaud. Compromised data included visitor contact information, demographic details, and records of prior donations to the institution. Financial data such as credit card numbers or bank account information remained unaffected according to the museum's assessment. The breach was detected and contained by Blackbaud, though specific details about the discovery method or intrusion vectors were not publicly disclosed.
Blackbaud confirmed the breach impacted multiple organizations beyond the museum and stated there was no evidence the stolen data had been disseminated or misused following the incident. The company engaged a third-party cybersecurity firm to monitor dark web channels for any signs of the compromised information appearing for sale or distribution. The museum notified affected individuals about the breach but did not specify the total number of impacted visitors or donors. No ransomware demands or public extortion attempts related to this specific breach were reported by either the museum or Blackbaud. The institution maintained operations throughout the incident period with no reported disruptions to public services or exhibitions.