> Skip to content
FEATURED:
  • An Update for Readers on Our New Nonprofit Status
Sign In
  • Latest
  • Advice
  • Opinion
  • Webinars
  • Data
  • Grants
  • Magazine
  • Store
    • Featured Products
    • Data
    • Reports
    • Collections
    • Back Issues
    • Webinars
    • Featured Products
    • Data
    • Reports
    • Collections
    • Back Issues
    • Webinars
  • Jobs
    • Find a Job
    • Post a Job
    • Find a Job
    • Post a Job
Sign In
  • Latest
  • Advice
  • Opinion
  • Webinars
  • Data
  • Grants
  • Magazine
  • Store
    • Featured Products
    • Data
    • Reports
    • Collections
    • Back Issues
    • Webinars
    • Featured Products
    • Data
    • Reports
    • Collections
    • Back Issues
    • Webinars
  • Jobs
    • Find a Job
    • Post a Job
    • Find a Job
    • Post a Job
  • Latest
  • Advice
  • Opinion
  • Webinars
  • Data
  • Grants
  • Magazine
  • Store
    • Featured Products
    • Data
    • Reports
    • Collections
    • Back Issues
    • Webinars
    • Featured Products
    • Data
    • Reports
    • Collections
    • Back Issues
    • Webinars
  • Jobs
    • Find a Job
    • Post a Job
    • Find a Job
    • Post a Job
Sign In
ADVERTISEMENT
Security
  • Twitter
  • LinkedIn
  • Show more sharing options
Share
  • Twitter
  • LinkedIn
  • Email
  • Facebook
  • Copy Link URLCopied!
  • Print

Donor Lawsuits Following Blackbaud Hack Now Target Nonprofits, Too

By  Eden Stiffman
September 22, 2020
Class Action legal document  for law suit. Concept for legal class action law suit. (iStock)
Bill Oxford/Getty Images/iStockphoto

Donors continue to file lawsuits against Blackbaud, the fundraising software company that faced a massive data breach this year.

The latest was filed by Daniel Cohen, a Washington resident, who also names three nonprofits — Harvard University, Bank Street College of Education, and the Lower East Side Tenement Museum — as defendants. The goal of his suit and many others is to build a class action that will force compensation to all harmed by the data breach.

Nonprofit organizations that use Blackbaud’s software for managing donor information have been put in an awkward position since the company first disclosed the ransomware attack to its clients in July.

We’re sorry. Something went wrong.

We are unable to fully display the content of this page.

The most likely cause of this is a content blocker on your computer or network. Please make sure your computer, VPN, or network allows javascript and allows content to be delivered from v144.philanthropy.com and chronicle.blueconic.net.

Once javascript and access to those URLs are allowed, please refresh this page. You may then be asked to log in, create an account if you don't already have one, or subscribe.

If you continue to experience issues, contact us at 202-466-1032 or help@chronicle.com

Donors continue to file lawsuits against Blackbaud, the fundraising software company that faced a massive data breach this year.

The latest was filed by Daniel Cohen, a Washington resident, who also names three nonprofits — Harvard University, Bank Street College of Education, and the Lower East Side Tenement Museum — as defendants. The goal of his suit and many others is to build a class action that will force compensation to all harmed by the data breach.

Nonprofit organizations that use Blackbaud’s software for managing donor information have been put in an awkward position since the company first disclosed the ransomware attack to its clients in July.

Sometime from February to May, a cybercriminal was able to access personal donor information from a backup server storing data from an unknown number of Blackbaud clients, including the three nonprofits Cohen is suing.

Blackbaud paid a ransom to encourage the hacker to destroy the copy of the stolen data, “with confirmation that the copy they removed had been destroyed,” according to the company’s statement.

ADVERTISEMENT

But Blackbaud has provided no additional information to reassure nonprofits and their supporters that their information hasn’t gone beyond the criminal. The company has said that bank details and credit-card and Social Security numbers were not compromised during the breach, but several nonprofits have said that some sensitive information was accessed.

Nonprofits, not Blackbaud, have been notifying their supporters of the breach over the past two months. In the latest lawsuit, Daniel Cohen said he received letters in August from the three organizations he is suing.

In their disclosures to donors and other individuals whose data they stored, nonprofits have said that the criminal gained access to names, addresses, phone numbers, and giving history and capacity of donors and potential supporters

Attorney General Warning

Last Friday, Michigan’s attorney general Dana Nessel warned residents — particularly colleges and other nonprofit donors — to be on alert for fraudulent emails or phone calls in the wake of the Blackbaud breach.

ADVERTISEMENT

Recipients of letters about the ransomware attack “should also remain vigilant for suspicious emails, texts, or phone calls asking for personal information, donations, or other payments,” the attorney general says.

As of Tuesday, donors had filed 10 lawsuits against the software giant. The cases call for Blackbaud to provide free credit monitoring and financial compensation for anybody who was affected by the attack, as well as improvements to their data-security practices.

Last week, a lawyer representing plaintiff William Allen, another donor to nonprofit causes, filed a motion to consolidate the cases in the federal court system. The Judicial Panel on Multidistrict Litigation may consider that motion later this year.

In an earlier interview, the lawyer said his firm is investigating whether charities have claims against Blackbaud as well. The Tenement Museum and Bank Street College declined to comment on the suit brought by Daniel Cohen. Harvard did not respond by our deadline.

Blackbaud has declined to comment on pending litigation.

We welcome your thoughts and questions about this article. Please email the editors or submit a letter for publication.
TechnologyGovernment and Regulation
Eden Stiffman
Eden Stiffman is a Chronicle senior writer.
ADVERTISEMENT
ADVERTISEMENT
  • Explore
    • Latest Articles
    • Get Newsletters
    • Advice
    • Webinars
    • Data & Research
    • Magazine
    • Chronicle Store
    • Find a Job
    Explore
    • Latest Articles
    • Get Newsletters
    • Advice
    • Webinars
    • Data & Research
    • Magazine
    • Chronicle Store
    • Find a Job
  • The Chronicle
    • About Us
    • Work at the Chronicle
    • User Agreement
    • Privacy Policy
    • California Privacy Policy
    • Gift-Acceptance Policy
    • Site Map
    • DEI Commitment Statement
    The Chronicle
    • About Us
    • Work at the Chronicle
    • User Agreement
    • Privacy Policy
    • California Privacy Policy
    • Gift-Acceptance Policy
    • Site Map
    • DEI Commitment Statement
  • Customer Assistance
    • Contact Us
    • Advertise With Us
    • Post a Job
    • Reprints & Permissions
    • Do Not Sell My Personal Information
    Customer Assistance
    • Contact Us
    • Advertise With Us
    • Post a Job
    • Reprints & Permissions
    • Do Not Sell My Personal Information
  • Subscribe
    • Individual Subscriptions
    • Organizational Subscriptions
    • Subscription & Account FAQ
    • Manage Newsletters
    • Manage Your Account
    Subscribe
    • Individual Subscriptions
    • Organizational Subscriptions
    • Subscription & Account FAQ
    • Manage Newsletters
    • Manage Your Account
1255 23rd Street, N.W. Washington, D.C. 20037
© 2023 The Chronicle of Philanthropy
  • twitter
  • youtube
  • pinterest
  • facebook
  • linkedin