The Smithsonian Institution in Washington, DC
The Smithsonian Institution and the Parrish Art Museum confirmed today that they were among the hundreds of organisations potentially affected by a ransomware attack earlier this year on a third-party software company in South Carolina that logs their data regarding fundraising and donors.
The hack on the systems of the software company, Blackbaud, gave an intruder access to information about donors and other constituents, including names, US addresses, phone numbers, summaries of donations and for some individuals, dates of birth, the Smithsonian says. The institution says it has begun notifying people linked to the Smithsonian whose information may have been accessible.
Previous news reports have identified other organisations whose data was potentially compromised as UKs National Trust, Human Rights Watch, dozens of charities and universities in the UK and US, and the Corning Museum of Glass in New York.
The Smithsonian emphasises that the incident did not result in the exposure of any credit card information, Social Security numbers or banking information, saying that it does not collect or store this type of data.
Blackbaud says that after discovering the attack on its systems in May, it paid the hacker or hackers the ransom demanded, which it did not disclose. “We have no reason to believe that any data went beyond the cybercriminal, was or will be misused; or will be disseminated or otherwise made available publicly,” the software company adds.
The Smithsonian says it was informed of the data breach on 16 July, just as other institutions were being alerted and recently reachedRead More – Source