TYLER, Texas (KETK) – The University of Texas at Tyler was involved in a data security breach during a recent ransomware attack on an engagement and fundraising software provider.
In a letter to university supporters, school president Dr. Michael Tidwell said the university was notified by Blackbaud, a third-party database provider, of a “security incident” that occurred in May.
Blackbaud provides software and online apps that support philanthropic and communication activities, serving a host of clients that include most of the University of Texas system as well as health care organizations, nonprofits, foundations, and other organizations worldwide.
According to Tidwell’s letter, Blackbaud discovered “and was able to stop” a ransomware attack in May.
In ransomware attacks, the information of a target system is encrypted by an unauthorized party in a way that blocks access to the system until a ransom is paid.
In the attack, “a cybercriminal accessed copies of some customer files containing constituent information,” Tidwell’s letter says. “Blackbaud worked with security experts and law enforcement to respond to the ransom threat and they report having received confirmation that the stolen data was destroyed and not used by the cybercriminal.”
In its report on its website, Blackbaud says that, after it discovered the attack, its cyber security team, working with independent forensics experts and law enforcement, “successfully prevented the cybercriminal from blocking our system access and fully encrypting files; and ultimately expelled them from our system.
“Prior to our locking the cybercriminal out, the cybercriminal removed a copy of a subset of data from our self-hosted environment,” Blackbaud says.
Tidwell’s letter says that data included “publicly available information as well as relationship history/engagement information”
No credit card information, bank information, or Social Security numbers were accessed by the cybercriminals, Blackbaud says.
Tidwell says UT Tyler was informed by Blackbaud that it has received confirmation that the data accessed has since been destroyed and was not used by the attacker.
“Immediately upon notification of the incident from Blackbaud, the UT System Administration and UT institutions have been working diligently by conducting an array of internal reviews with our legal, information security, and privacy experts to determine the exposure of our records, if any. At this time, we are not aware of fraudulent activity that has occurred with any constituent records, and we continue to work with Blackbaud to learn more.”Michael Tidwell, PhD, President of The University of Texas at Tyler
Tidwell says Blackbaud has implemented several security changes to protect constituent data from any subsequent incidents.
A spokesperson for the university said the attack targeted Blackbaud’s software, that no university servers were affacted.