UW-EC Foundation

EAU CLAIRE — The UW-Eau Claire Foundation on Thursday reported a data breach involving one of its vendors.

Foundation President Kimera Way notified constituents in a letter about a data breach involving Blackbaud, a provider of cloud and data services used by more than 28,000 organizations in more than 60 countries. The foundation uses Blackbaud’s fundraising and engagement technology platform.

According to the letter:

The university was notified July 16 of the data security incident that may have involved personal information about foundation constituents. The foundation was informed that Blackbaud discovered a ransomware attack in May in which a cybercriminal removed a copy of a backup file containing foundation constituent information and also took actions affecting a large number of the company’s other clients.

“Blackbaud has assured us that credit card information was not obtained by the cybercriminal because it was not stored in the file that was stolen,” the letter states.

However, information accessed by the cybercriminal may have included identifying information, including name, date of birth, name of spouse, address, phone number and email addresses, as well as giving history and educational attainment.

While Social Security numbers also may have been included in the stolen data, Blackbaud has assured the foundation that information was not accessible to the cybercriminal because it was encrypted.

Blackbaud informed the foundation that, after a ransom was paid, the cybercriminal informed Blackbaud the stolen data had been destroyed.

Still, the foundation apologized to constituents and advised them to remain vigilant for incidents of fraud and identity theft by regularly reviewing account statements, monitoring free credit reports and reporting suspicious activity.

Anyone with questions about the incident can contact Regina Dodge, the foundation’s information specialist, at 715-836-5624, toll free at 877-625-2473 or by email at foundation@uwec.edu.