Security News > 2020 > July > Cloud Company Blackbaud Pays Ransomware Operators to Avoid Data Leak
Cloud software provider Blackbaud has admitted that it paid cybercriminals to regain control of data following a ransomware attack in May 2020.
Last week, the company published a notice on a ransomware attack that it fell victim to in May 2020, claiming that it was able to discover and stop the assault, but not before some data was exfiltrated by the attackers.
"Our Cyber Security team-together with independent forensics experts and law enforcement-successfully prevented the cybercriminal from blocking our system access and fully encrypting files; and ultimately expelled them from our system. Prior to our locking the cybercriminal out, the cybercriminal removed a copy of a subset of data from our self-hosted environment," the company said.
The company decided to pay the cybercriminals for deleting the data that was exfiltrated during the incident, "With confirmation that the copy they removed had been destroyed."
"Based on the nature of the incident, our research, and third party investigation, we have no reason to believe that any data went beyond the cybercriminal, was or will be misused; or will be disseminated or otherwise made available publicly," the company said.
News URL
Related news
- FBI, Europol, and NCA Take Down 8Base Ransomware Data Leak and Negotiation Sites (source)
- Ransomware gang leaks data stolen in Rhode Island's RIBridges Breach (source)
- Telefónica confirms internal ticketing system breach after data leak (source)
- TRIPLESTRENGTH Hits Cloud for Cryptojacking, On-Premises Systems for Ransomware (source)
- 8Base ransomware group leaders arrested, leak site seized (source)
- Triplestrength hits victims with triple trouble: Ransomware, cloud hijacks, crypto-mining (source)
- Black Basta ransomware gang's internal chat logs leak online (source)
- Data Leak Exposes TopSec's Role in China’s Censorship-as-a-Service Operations (source)