Blackbaud Data Breach

Following notification of a data breach in July 2020 during which a number of educational institutions and charities including the University of Liverpool were targeted, we have set up this page to keep our alumni and supporters informed.

Please see below for all current and previous status updates:


Update 1 October 2020 

Blackbaud have confirmed that for some customers the Blackbaud data breach may have been more significant than they thought. However, they have confirmed that this does not impact the University of Liverpool.

Blackbaud’s website says:

‘Further forensic investigation found that for some of the notified customers, the cybercriminal may have accessed some unencrypted fields intended for bank account information, social security numbers, usernames and/or passwords. In most cases, fields intended for sensitive information were encrypted and not accessible. These new findings do not apply to all customers who were involved in the incident. Customers who this applies to who we believe are using these fields for such information were contacted the week of September 27, 2020 and were provided with additional support.’

We would advise our alumni and supporters to remain vigilant and please contact us via alumni.data@liverpool.ac.uk if you have any questions or concerns.

Update 11 August 2020

We contacted alumni in July 2020 to inform you about a data security breach involving Blackbaud, one of the University’s suppliers, during which data they hold on behalf of a number of universities and other organisations, including the University of Liverpool, was targeted.

Following a comprehensive investigation by the University, as part of which we have sought advice from a number of independent cyber security experts, we are updating our alumni community with further information about the increased security measures we are putting in place as a result.

We hope that this information will provide you with further assurances that we take our responsibility regarding the data security of our entire University community very seriously.

Recommendations

Following our investigation we are reviewing our use of links and attachments in emails in order to reduce the risk of future malware or ransomware attempts. We would ask you to remain vigilant about clicking on any links in emails and not to click on a link if you are unsure or cannot verify the source.

We have also developed a series of cyber security recommendations that we would encourage you to follow in order to minimise your potential risk. If you live outside the UK, you may wish to refer to the official guidance available where you are based.

  • Change your password. It’s good practice to change your password regularly and, as a precautionary measure, if you haven’t already we would strongly recommend changing your NetCommunity password now
  • Look at the UK Government’s National Cyber Security Centre’s ‘Cyber Aware’ page for advice about how to make a strong password, along with other useful information including how to spot a phishing email and how to shop safely online https://www.ncsc.gov.uk/cyberaware/home
  • Run anti-virus software across your devices
  • Make sure you regularly back up your data
  • Contact Action Fraud if you are concerned you have been a victim of cyber crime in England, Wales or Northern Ireland https://www.actionfraud.police.uk/
  • Check the Haveibeenpwned website to identify if an email account has been compromised in a data breach: https://haveibeenpwned.com/
  • Check your credit score if you are concerned about potentially fraudulent activity. You can access more information about credit reference agencies from the Information Commissioner's Office (ICO) website here: https://ico.org.uk/your-data-matters/credit/

 

Notification of Breach 16 July 2020

The University has been contacted by Blackbaud, the third-party supplier that provides our customer relationship management system, who confirmed they had been the victim of a ransomware attack. The incident occurred between February and May 2020, during which a backup file containing personal information was obtained by the hacker.

We have been assured by Blackbaud that their security experts have fully investigated the attack and they have confirmed that no encrypted information such as personal passwords, credit card or bank account details was taken during the attack. Furthermore, their investigation concluded that the hacker has deleted the file taken during the attack and we have no reason to believe that any data was subsequently passed on by the hacker.

How has the University responded?

We have also launched our own investigation and are working with Blackbaud and other colleagues in the Higher Education sector, as well as our own Data Protection and IT teams to understand more about the breach and to take appropriate measures to increase security.

We have also informed the Information Commissioner’s Office (ICO).

What action is needed?

As there is no financial or sensitive data involved in the incident, there is no action you need to take at this time. However, if you do notice any suspicious activity, please notify the relevant authorities straight away.

If you have any concerns about this incident please contact alumni.data@liverpool.ac.uk
