This website uses cookies for anonymised analytics and for account authentication. See our privacy and cookies policies for more information.

The voice of Scotland’s vibrant voluntary sector

Published by Scottish Council for Voluntary Organisations

TFN is published by the Scottish Council for Voluntary Organisations, Mansfield Traquair Centre, 15 Mansfield Place, Edinburgh, EH3 6BB. The Scottish Council for Voluntary Organisations (SCVO) is a Scottish Charitable Incorporated Organisation. Registration number SC003558.

Charities hit by international cyber attack

This news post is almost 4 years old

A homeless charity and mental health organisation for young people are amongst those caught up in the ransomware attack

Charities have been hit by an international cyber attack.

Crisis confirmed it is one of the organisations affected by an attack on cloud computing firm Blackbaud.

The US-based company is one of the largest providers of fundraising, financial management, and supporter management software to the UK charity sector. Mental health charity YoungMinds has also said it has been caught up in the attack.

Blackbaud opted to pay those who had carried out the ransomware attack, to ensure that data stolen would not be made public.

A statement from the company said: “We believe the strength of our cybersecurity practice and advance planning is the reason we were able to shut down this sophisticated ransomware attack. We have already implemented changes to prevent this specific issue from happening again.”

Crisis chief executive Jon Sparkes said financial information from supporters was not thought to have been affected.

He said: “We have recently been informed about a cyber-attack that has affected one of our suppliers called Blackbaud, who host our supporter database as well as databases for a number of other organisations.

“The cyber-attack resulted in details of some of our supporters being accessed. This included names, addresses, email addresses and telephone numbers. All financial information held by Blackbaud is encrypted and we are confident that this has not been breached.

“Blackbaud have informed us that, to the best of their knowledge, all of the details that were accessed have now been destroyed and there is currently no evidence of the data being used. Blackbaud has set out further details about the incident here.

“The breach affected a system that we stopped using in early 2018. Any information that you have given to us since then has not been affected. Please see further details below.”

A statement from YoungMinds said: “We have been assured by Blackbaud that there is a low risk to YoungMinds’ supporters, but all the same we would urge all of our supporters to continue to be wary of unexpected communication, and practise the usual caution around suspicious emails and letters.”

Blackbaud has notified the Information Commissioner's Office (ICO) of the incident and said it was working with them and its customers, plus federal law enforcement agencies in the US.

A number of UK universities, and the US-based non-profit Human Rights Watch, have also been affected.