31st July 2020

Information about Blackbaud

Blackbaud host our database of supporters

We have recently been advised by one of our suppliers, Blackbaud, that it has, unfortunately, been subject to a cyber-attack.

Blackbaud host our database of supporters and have informed us that details of some of our supporters (names, addresses, email addresses and telephone numbers) have been accessed. We are not the only charity affected and Blackbaud also host supporter databases for a number of other charities.

Blackbaud has assured us that the risk to individuals’ data is very low and that no financial data was compromised (this all being encrypted). Blackbaud has set out further details about the incident here. They have informed us that, to the best of their belief, all of the details accessed have since been destroyed and there is no evidence of the data being used.

We take the security of our supporters’ information very seriously and we are conducting our own investigation into this matter. We are writing to our supporters whose data may have been accessed to inform them of this and the steps we are taking to ensure the safety of their data.

We are very sorry that this has happened but believe that there is no need for our community to take any action at this time. As a best practice, we recommend people remain vigilant and promptly report any suspicious activity or suspected identity theft to the police.

We have informed the Information Commissioner’s Office (ICO) and the Charity Commission of this incident and are seeking guidance from them. We are also working with Blackbaud to understand how this data breach took place and the steps they are taking to ensure it will not happen again.

Here are questions and answers that you may have. Anyone who has questions about this or would like to discuss what has happened, can contact us at supportercare@migrainetrust.org.