February 2, 2024 at 04:20PM
Blackbaud, facing criticism from the FTC for a data breach that exposed millions of people’s information, has agreed to strengthen its IT defenses. The settlement includes deleting unnecessary customer data, updating its data retention policy, and implementing enhanced security measures. The SEC and attorneys general have also secured settlements over Blackbaud’s data security practices.
Key Takeaways from the Meeting Notes:
1. Blackbaud suffered a significant data breach in February 2020, resulting in the theft of personal information of millions of consumers.
2. The breach exposed flaws in Blackbaud’s data retention practices and security policies, leading to criticism from the FTC.
3. Blackbaud made false statements regarding the extent of the breach and delayed informing customers about the full scope of the compromised data.
4. The company faced multiple settlements and legal actions, including a $3 million settlement with the SEC and a $49.5 million settlement with attorneys general from all 50 US states.
5. As part of the settlement with the FTC, Blackbaud agreed to improve its data retention policy, implement stronger information security measures, and delete unnecessary customer backup files to reduce the risk of future data breaches.
6. Blackbaud’s CEO emphasized the company’s commitment to strengthening cybersecurity and compliance programs to enhance resilience against evolving threats.
These takeaways highlight the impact of the data breach on Blackbaud’s operations and the measures the company is taking to address the aftermath and enhance its security practices.