Blackbaud Security Incident

We deeply appreciate your support of the Freedom Forum and our affiliates, the Newseum and the Freedom Forum Institute, and our mission to foster First Amendment freedoms for all. As part of our efforts to share important updates with our valued supporters, we are writing to inform you about a data incident involving one of our long-time vendors, Blackbaud, that may have affected some of your personal information. Blackbaud is the global market leader in not-for-profit software, and their products are commonly used to manage relationships and communications with constituents and donors.

What Blackbaud Has Disclosed

The Freedom Forum was recently informed that Blackbaud discovered and stopped a ransomware security incident in May of this year. According to Blackbaud, after discovering the security incident, Blackbaud’s Cyber Security team — together with independent forensics experts and law enforcement — successfully prevented the cybercriminal from blocking Blackbaud’s system access and fully encrypting files, and Blackbaud ultimately expelled the cybercriminal from their systems.

As a result of this security incident, the cybercriminal removed copies of certain files from Blackbaud’s servers. We have been informed that Freedom Forum’s backups were among the data affected, and those files may have contained your contact information, demographic information, and a history of your relationship with us, including details such as donation dates and amounts. Based on the reports from Blackbaud, the cybercriminal did not access any credit card information, bank account information, or Social Security numbers. It is also important to note that this incident did not involve or affect the Freedom Forum’s security systems in any way. Further details can be found on the Blackbaud website.

How Freedom Forum Is Responding

We sincerely apologize for any concern or inconvenience this incident may have caused. We take our responsibility to protect the information entrusted to us seriously and are continuing to investigate this matter. We also continue to review our vendors’ practices to ensure your personal information is processed as safely and securely as possible. As best practice, we recommend maintaining your routine personal practices of remaining vigilant to cybercriminal scams, and promptly reporting any suspicious activity to law enforcement authorities. Additionally, Blackbaud has implemented several changes designed to protect data from future attacks.

If you have any questions or concerns regarding this matter, you may email [email protected], or you may call 877/352-0193 Monday through Friday from 8 a.m. to 6 p.m. Eastern.