The information below relates to a data security incident involving Blackbaud, Inc., a service provider to FINCA.
In July 2020, we were contacted by a third-party service provider, Blackbaud, one of the world’s largest providers of fundraising and donor engagement software for not-for-profit organizations.
Blackbaud informed us that they had been the victim of a cyberattack and that a criminal was able to remove certain data from Blackbaud’s clients. This included a subset of FINCA’s donor data. It is important to note that we have no reason to believe that donor credit card information, bank account information, or government-issued identification number (e.g., social insurance number) were impacted because FINCA does not maintain that information (if at all) in its Blackbaud database. However, based on the information provided by Blackbaud we have determined that the file removed may have contained some of the following for donors and prospective donors: contact information, date of birth, demographic information, giving capacity, and a history of donors’ relationship with FINCA, such as donation dates and amounts.
Presently, we have no indication that donor or prospective donor information has been misused. It is our understanding that Blackbaud conducted an investigation and ultimately paid the criminal’s demand with the intent that the criminal would delete the data. Although we have no way to confirm the data was deleted, Blackbaud has stated that it was deleted. Nevertheless, we recommend donors remain vigilant and promptly report any suspicious activity or suspected identity theft to local law enforcement. For more information about this incident, please visit Blackbaud’s webpage dedicated to this incident at https://www.blackbaud.com/securityincident.
We apologize for any inconvenience this may have caused our donors. Should you have any further questions or concerns regarding this matter and/or the protections available to you, please contact the Development Team at [email protected] or 202-280-5496.