Attention: You are using an outdated browser, device or you do not have the latest version of JavaScript downloaded and so this website may not work as expected. Please download the latest software or switch device to avoid further issues.

News > Member Updates > Blackbaud Security Incident

Blackbaud Security Incident

Blackbaud data security incident affecting Elizabeth College Foundation and the Old Elizabethan Association

Blackbaud data security incident affecting Elizabeth College Foundation and the Old Elizabethan Association

Elizabeth College Foundation and the Old Elizabethan Association have been in contact with members of the community to inform them about a potential data security incident affecting an old copy of the Foundation and OEA Database.

Blackbaud, a software service provider and the former supplier of our database, has suffered a data breach. Elizabeth College Foundation takes its responsibilities regarding data security very seriously and is taking all necessary steps to review and respond to this incident, including notifying those individuals who may have been affected.

What happened?

Blackbaud has notified us that they have been the victim of a sophisticated ransomware attack, which occurred earlier this year. A backup file containing personal information was stolen by a cybercriminal. It is important to note that no sensitive information, such as bank account information, passwords or usernames, was taken. Blackbaud’s cyber security team worked with forensics experts and law enforcement agencies to expel the cybercriminal from its systems and fix the vulnerability they had used to access the data.

We terminated our contract with Blackbaud in December 2018, but due to breakdowns in their procedures Foundation and OEA data dating from 2018 was still on the servers affected by the breach.

Blackbaud has assured us that they do not believe that the data has been shared or misused.

How is the Foundation responding?

As soon as we became aware of the breach a report was made to the Office of the Data Protection Authority in Guernsey. We also launched an internal investigation including a data audit to determine who had been affected and take appropriate action. This was a complex process that took time to complete. We have contacted those individuals who may have been affected to update them on this incident.

What do individuals need to do?

There is no action that you should take as a result of this incident, but would we encourage all members of our community to remain wary of any unexpected communications, suspicious emails, letters, or phone calls. Any suspicious activity should be reported to the proper law enforcement authorities.

We value greatly the support of all our alumni, parents and friends of the College.  Whilst we could not have foreseen this incident occurring two years after ending our relationship with Blackbaud, nonetheless we sincerely regret any concern or inconvenience that this incident may cause.

If you have any questions in regard to this incident please contact data@elizabethcollege.gg

Similar stories

Well done to OE Fraser Kent who has recently been selected for the Bristol Bears U18 Rugby Academy. More...

The Guernsey Medic Network is a ground-breaking collaboration between all the sixth form schools, all the GP practices i… More...

The OEA v EC 1st XI Hockey match was played on Tuesday 4th April at the home of Guernsey Hockey, Footes Lane. More...

Most read

This will be a document for the whole year. Please do get in touch at oea@elizabethcollege.gg if you have something you would like added to this page. More...

Well done to OE Fraser Kent who has recently been selected for the Bristol Bears U18 Rugby Academy. More...

Keep up to date with news of OE births, marriages & deaths More...

Have your say

 
This website is powered by
ToucanTech