Cloud software program supplier Blackbaud has agreed to pay $3m to settle fees over regulatory filings it made following a significant 2020 ransomware assault.
The South Carolina-based agency, which sells software program to non-profits, colleges and different “social good” organizations, mentioned on the time that it found and contained the Could 2020 assault, however risk actors managed to steal delicate knowledge belonging to prospects.
After claiming to have paid its extorters, Blackbaud mentioned it had no cause to imagine the stolen knowledge “was or will probably be misused, or will probably be disseminated or in any other case made obtainable publicly.”
Nonetheless, the SEC’s order revealed late final week claimed {that a} quarterly report Blackbaud filed in August 2020 omitted particulars in regards to the scope of the assault.
Learn extra on Blackbaud right here: Blackbaud Breach Hits 9 Extra Universities
The agency had mentioned the chance of donor data being taken by the hackers was “hypothetical,” the regulator famous. In actuality, Blackbaud tech and customer support employees knew that donor checking account and social safety data had been stolen, however didn’t talk this to senior administration, it added.
This was all the way down to a failure to correctly keep disclosure controls and procedures, the SEC dominated.
“Because the order finds, Blackbaud did not disclose the complete affect of a ransomware assault regardless of its personnel studying that its earlier public statements in regards to the assault had been misguided,” mentioned David Hirsch, chief of the SEC Enforcement Division’s Crypto Property and Cyber Unit.
“Public firms have an obligation to supply their buyers with correct and well timed materials data; Blackbaud failed to take action.”
The $3m civil penalty Blackbaud can pay isn’t an request for forgiveness. Nonetheless, the agency has agreed to stop and desist from committing violations of the Securities Act and Securities Trade Act.
Ultimately, the ransomware breach impacted over 13,000 prospects, the SEC mentioned.
Editorial picture credit score: Aleksandrkozak / Shutterstock.com
![[UPDATE]NCSoft’s Horizon MMO Has Reportedly Been Shelved Following Feasibility Review](https://www.psu.com/wp/wp-content/uploads/2025/01/Horizon.jpeg "[UPDATE]NCSoft’s Horizon MMO Has Reportedly Been Shelved Following Feasibility Review")
