VMFA notifies patrons of data breach

Updated: Sep. 22, 2020 at 6:06 PM EDT
Email This Link
Share on Pinterest
Share on LinkedIn

RICHMOND, Va. (WWBT) - In an email, the Virginia Museum of Fine Arts notified its patrons of a data breach involving its former third-party cloud hosting company, Blackbaud.

Blackbaud is one of the largest providers of fundraising and financial management software.

According to the email, the company notified the VMFA that it was the victim of a ransomware attack and a copy of backup files maintained by Blackbaud was removed.

The email said the files contained information from development activities prior to 2015, and that Blackbaud’s cybersecurity team found the attack and stopped it.

The VMFA said the compromised data might have included names and contact information, but it did not contain any credit card, social security numbers, bank account information usernames or passwords.

“Blackbaud assured us that, based on the nature of the incident, their research, and law enforcement’s investigation, the stolen data has been destroyed. There is no reason to believe any data went beyond the cybercriminals, was or will be misused, disseminated or otherwise made available publicly. Blackbaud has hired a third-party team of experts to monitor the dark web and will advise us promptly if any additional problems are identified,” the email to patrons said.

The VMFA said it was notifying patrons out of the abundance of caution and said it does not believe anyone needs to take further action.

Copyright 2020 WWBT. All rights reserved.

Submit a news tip.