February 4, 2024 at 10:42AM
The FTC settled with Blackbaud over a data breach due to poor security practices. Hackers accessed sensitive customer data, and Blackbaud initially downplayed the breach. They paid a ransom and failed to ensure deletion of stolen data. As part of the settlement, Blackbaud must develop an improved security program and delete unnecessary data.
From the meeting notes, it is clear that Blackbaud has faced significant consequences due to poor security practices that led to a data breach. The FTC has reached a settlement with the company, where Blackbaud agreed to pay a 24 bitcoin ransom to cybercriminals and will now have to develop a comprehensive information security program. The FTC’s complaint highlighted Blackbaud’s failure to encrypt sensitive customer data, properly monitor and segment its network, implement multifactor authentication, and delete unnecessary data. The company’s previous agreement to pay $49.5 million to settle data breach claims further emphasizes the severity of the situation. It is evident that the FTC is actively policing poor data protection practices, and non-compliance with the settlement may result in hefty fines for Blackbaud. As a result, cybersecurity is expected to become a high priority for the company in the coming years.