Skip to main content
The Globe and Mail
Support Quality Journalism
The Globe and Mail
First Access to Latest
Investment News
Collection of curated
e-books and guides
Inform your decisions via
Globe Investor Tools
Just$1.99
per week
for first 24 weeks

Enjoy unlimited digital access
Enjoy Unlimited Digital Access
Get full access to globeandmail.com
Just $1.99 per week for the first 24 weeks
Just $1.99 per week for the first 24 weeks
var select={root:".js-sub-pencil",control:".js-sub-pencil-control",open:"o-sub-pencil--open",closed:"o-sub-pencil--closed"},dom={},allowExpand=!0;function pencilInit(o){var e=arguments.length>1&&void 0!==arguments[1]&&arguments[1];select.root=o,dom.root=document.querySelector(select.root),dom.root&&(dom.control=document.querySelector(select.control),dom.control.addEventListener("click",onToggleClicked),setPanelState(e),window.addEventListener("scroll",onWindowScroll),dom.root.removeAttribute("hidden"))}function isPanelOpen(){return dom.root.classList.contains(select.open)}function setPanelState(o){dom.root.classList[o?"add":"remove"](select.open),dom.root.classList[o?"remove":"add"](select.closed),dom.control.setAttribute("aria-expanded",o)}function onToggleClicked(){var l=!isPanelOpen();setPanelState(l)}function onWindowScroll(){window.requestAnimationFrame(function() {var l=isPanelOpen(),n=0===(document.body.scrollTop||document.documentElement.scrollTop);n||l||!allowExpand?n&&l&&(allowExpand=!0,setPanelState(!1)):(allowExpand=!1,setPanelState(!0))});}pencilInit(".js-sub-pencil",!1); // via darwin-bg var slideIndex = 0; carousel(); function carousel() { var i; var x = document.getElementsByClassName("subs_valueprop"); for (i = 0; i < x.length; i++) { x[i].style.display = "none"; } slideIndex++; if (slideIndex> x.length) { slideIndex = 1; } x[slideIndex - 1].style.display = "block"; setTimeout(carousel, 2500); }

At least two prominent fundraising organizations in Canada have notified their donors that their personal information may have been compromised in a May ransomware attack.

Ransomware is a type of software designed to lock an information servers or data and prevent it from being used by the host organization unless a payment is paid, often in the form of a cryptocurrency such as bitcoin. In this case, an unspecified amount was paid by a U.S. company that says it successfully prevented the information from being transmitted beyond the hacker.

The Centre for Addition and Mental Health in Toronto and Western University in London, Ont., advised donors recently by email that a ransom was paid by Blackbaud Inc., one of their service providers.

Story continues below advertisement

The South Carolina-based company specializes in providing cloud services to manage fundraising efforts by charitable foundations around the world. It posted a notification of the ransomware attack on its website earlier this month, several weeks after it became aware of the attack.

Blackbaud did not respond to requests for further information about how many of its Canadian clients were affected but its website lists several Canadian foundations affiliated with hospitals, charities and not-for-profit organizations.

But CAMH and Western noted in their communications that the attacker would have had access to individual names, dates of birth, contact information, donations or engagement with the fundraising organizations — information that can be bought and sold by criminal organizations around the world.

CAMH Foundation and Western assured their donors they’d be notified “immediately” if more of their information had been compromised.

“In addition to notifying all potentially affected parties directly, we are working closely with Blackbaud to understand why this happened, what data was impacted, and what actions they are taking to increase their security,” the CAMH letter said.

“While this did not affect the Foundation’s IT systems and infrastructures, we wish to assure you that we have robust protocols in place, and are continually keeping up with industry standards, including testing the security of our internal systems to be assured that the information we host is secure.”

CAMH said in a statement Thursday it would issue further updates if the situation evolves.

Story continues below advertisement

A request for more information from Western was referred to its media department but there was no immediate response Thursday.

A notice it sent last week said the university had notified privacy officials and recommended that donors contact local law enforcement if they see any suspected identity theft or other suspicious use of their personal information.

Western also said it had suspended the use of Blackbaud “for the time being” while it investigated the incident.

Blackbaud officials said Thursday during a regular quarterly conference call with analysts that its own security personnel and outside experts include law enforcement have found no has no reason to believe any data went beyond the cybercriminal or will made available publicly.

“I’d like to just like to apologize on behalf of Blackbaud for the incident,” said CEO and president Mike Gianoni. “Like a lot of companies, we get millions of intrusion attempts a month. And unfortunately, one got in to a subset of our customers and a subset of our backup environment.”

Blackbaud is a well-established company that generated US$900.4 million in annual revenue last year. In the second quarter ended June 30, which included the ransomware attack, it reported US$11.8 million of net income under U.S. generally accepted accounting principles, up from US$7.14 million a year ago with US$232 million of revenue.

Story continues below advertisement

Your time is valuable. Have the Top Business Headlines newsletter conveniently delivered to your inbox in the morning or evening. Sign up today.

Follow related topics

Report an error
Tickers mentioned in this story
Due to technical reasons, we have temporarily removed commenting from our articles. We hope to have this fixed soon. Thank you for your patience. If you are looking to give feedback on our new site, please send it along to feedback@globeandmail.com. If you want to write a letter to the editor, please forward to letters@globeandmail.com.

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff.

We aim to create a safe and valuable space for discussion and debate. That means:

  • Treat others as you wish to be treated
  • Criticize ideas, not people
  • Stay on topic
  • Avoid the use of toxic and offensive language
  • Flag bad behaviour

Comments that violate our community guidelines will be removed.

Read our community guidelines here

Discussion loading ...

To view this site properly, enable cookies in your browser. Read our privacy policy to learn more.
How to enable cookies