FTC Finalizes Order with Blackbaud Related to Allegations the Firm’s Security Failures Led to Data Breach

Share This Post

The Federal Trade Commission has finalized an order against Blackbaud Inc. settling allegations that its lax security practices allowed a hacker to breach the company’s network and access the personal data of millions of consumers including Social Security and bank account numbers.

In a complaint first announced in February 2024, the FTC charged that the South Carolina firm, which provides data services and financial, fundraising, and administrative software services to companies, nonprofits and others, failed to implement appropriate safeguards to secure and protect the vast amounts of personal data it collects. As a result of these failures, a hacker in early 2020 exploited weaknesses in Blackbaud’s networks, which went undetected for three months, allowing the hacker to remove massive amounts of unencrypted sensitive consumer data belonging to Blackbaud’s customers. The company waited nearly two months to notify its customers about the breach and then misled consumers about the extent of the data that was stolen, according to the complaint.

Under the order, Blackbaud is required to delete data that it no longer needs to provide its products or services and is prohibited from misrepresenting its data security and data retention policies. The order also requires Blackbaud to develop a comprehensive information security program that would address the issues highlighted by the FTC’s complaint and put in place a data retention schedule outlining its data deletion practices. It also requires Blackbaud to notify the FTC if it experiences a future data breach that it is required to report to any other local, state, or federal agency.

After receiving two comments, the Commission voted 3-0-2 to give final approval to the settlement. Commissioner Andrew Ferguson did not participate and Commissioner Melissa Holyoak was recused.

Official news published at https://www.ftc.gov/news-events/news/press-releases/2024/05/ftc-finalizes-order-blackbaud-related-allegations-firms-security-failures-led-data-breach

Related Posts

Kids Get in Free: High School Baseball National Championship Series, Presented by Stinger Sports, Set for June 27-30 at Charles Schwab Field, Omaha, NE

The best-of-the-best high school baseball players from across the country are coming to Omaha. See the stars of tomorrow battle it out on the biggest stage. ...

FTC Data Shows Major Increases in Cash Payments to Government Impersonation Scammers

New Federal Trade Commission data reveals that government impersonation...

Introducing $UTHX, the Preeminent Metaverse Token on the Solana Blockchain

Utherverse (Utherverse.io) announces the August 2024 launch of $UTHX Utherverse Utherverse LOS ANGELES, June 14, ...

SWTHZ (SweatHouz) Appoints Dr. Susanna Søberg, PhD as Lead Science and Education Advisor

ATLANTA, June 13, 2024 (Newswire.com) - SWTHZ, the leader in boutique wellness and contrast therapy, is excited to announce the appointment of Dr. Susanna Søb...

Two Leading Student Transportation Technology Groups Announce Integration to Serve Joint Customers

Bytecurve and BusPlanner integration delivers opportunity for improved performance for hundreds of school bus fleets ...
green agriculture project
- Part of VUGA Media group -best seo company