Blackbaud Data Security Breach

August 31, 2020

What happened?

Blackbaud reported a data security incident that occurred in early 2020.

Blackbaud is a software consulting firm utilized by more than 45,000 organizations worldwide. Skyland Trail uses Blackbaud software to manage our community relations database.

According to Blackbaud, they were victims of a ransomware attack early this year. Blackbaud worked with forensics experts and law enforcement to respond to the attack and ensure the security of affected users’ information. Based on the investigation, Blackbaud has no reason to believe that any data went beyond the cybercriminal, was or will be misused, or will be disseminated or otherwise made available publicly.

Who was affected?

Individuals in this database are people who make charitable gifts, attend events, receive email and publications from us, or who may want to support our mission.

Because many former clients and client families remain connected to Skyland Trail after treatment, some former clients and/or their family members were included in this community relations database.

What information was included in the incident?

This database was not connected to the Skyland Trail electronic medical record and no part of any patient’s medical record was included or exposed.

However, data exposed in this security incident may have included:  identification as a client or former client, discharge code, dates of service, level of treatment, primary counselor name, and details the patient or family shared with the Skyland Trail administrative or development (non-clinical) staff about the patient’s experience or history.  This does not include any information shared with the clinical team as a part of treatment. 

Additionally, we do not keep credit card information, bank account information, or social security numbers in this database.

How were individuals notified?

Skyland Trail has notified all donors and other individuals included in the community relations database in July and August of 2020.

Skyland Trail is notifying all former clients who were affected (and for whom we have a current mailing address) and outlining the information potentially involved in the incident.

We also issued a news release to the Atlanta Journal-Constitution.

Skyland Trail will continue to communicate with Blackbaud about the incident and will post any new information on this webpage.

What steps can potentially affected individuals take?

Skyland Trail takes the protection and proper use of our constituents’ information very seriously, and while we are confident in Blackbaud’s resolution of the issue, we ask that all individuals potentially affected remain alert.

As a best practice, Blackbaud recommends you remain vigilant and promptly report any suspicious activity or suspected identity theft to Skyland Trail and to the proper law enforcement authorities.

How can I get more information?

To learn more about the incident or contact Blackbaud directly, please visit www.blackbaud.com/securityincident or call Blackbaud customer service at 800-468-8996.

Should you have any further questions or concerns regarding this matter please do not hesitate to call Skyland Trail at 844-456-3262.