Blackbaud Inc. agreed to delete extraneous data and reform its cybersecurity practices in a proposed settlement with the US Federal Trade Commission over a 2020 ransomware attack that impacted millions of consumers’ private data.
Blackbaud’s failure to provide adequate network security, leading to a hack that exposed personal information collected by nonprofits and health organizations, violated the FTC’s establishing law, according to a Thursday proposed settlement with the agency. The software provider also retained more data than it needed, worsening the impact of the 2020 hack, and inaccurately alerted those affected about the breach’s severity, a complaint filed the same ...
Learn more about Bloomberg Law or Log In to keep reading:
Learn About Bloomberg Law
AI-powered legal analytics, workflow tools and premium legal & business news.
Already a subscriber?
Log in to keep reading or access research tools.