UT Tyler targeted by ransomware attack in May
TYLER, Texas (KLTV) - UT Tyler said they were the target of a ransomware attack which occurred in May.
According to a letter sent out to members of the university, they were notified by Blackbaud, a third-party database provider, of the security incident. The letter said Blackbaud discovered and was able to stop the ransomware attack back in May, They said Blackbaud revealed to them on July 16, that a cybercriminal accessed copies of some customer files containing constituent information. Blackbaud said that by working with security experts and law enforcement, they were able to confirm that the stolen data was destroyed and not used by the cybercriminal.
The university says at this time, they are not aware of fraudulent activity that has occurred with any constituent records and they continue to work with Blackbaud to learn more.
The university said the data included publicly available information as well as relationship history/engagement information. Blackbaud said that credit card information, bank information, and Social Security numbers were not accessed by cybercriminals.
You can read the full letter below.
From the University of Texas at Tyler:
I pray that this letter finds you and your family well. Thanks to the generosity of Patriots like you, when UT Tyler classes safely open this fall, we will enroll our largest freshman class in history and award a record number of philanthropically-funded scholarships. We continue to be grateful for your support.
With that gratitude comes a responsibility and commitment to keep you fully informed of matters involving any records we maintain. We were recently notified by Blackbaud, a third-party database provider, of a security incident. Blackbaud is the world’s largest provider of software and online applications that support philanthropic and communication activities, serving more than 45,000 clients that include universities, healthcare organizations, nonprofits and foundations in more than 100 countries. The University of Texas at Tyler, The UT System Administration and most other UT institutions use one or more Blackbaud products.
We understand that Blackbaud discovered – and was able to stop – a ransomware attack in May. Based on the information we received from Blackbaud on July 16, a cybercriminal accessed copies of some customer files containing constituent information. Blackbaud worked with security experts and law enforcement to respond to the ransom threat and they report having received confirmation that the stolen data was destroyed and not used by the cybercriminal.
Immediately upon notification of the incident from Blackbaud, the UT System Administration and UT institutions have been working diligently by conducting an array of internal reviews with our legal, information security, and privacy experts to determine the exposure of our records, if any. At this time, we are not aware of fraudulent activity that has occurred with any constituent records, and we continue to work with Blackbaud to learn more.
What information was involved?
We have been informed by Blackbaud that data included publicly available information as well as relationship history/engagement information. Blackbaud further reported that credit card information, bank information, and Social Security numbers were NOT accessed by cybercriminals. Moreover, neither The University of Texas at Tyler nor the UT System Administration stores or retains such data.
How might you get more information?
We take the protection and proper use of your information very seriously and are remaining vigilant as we continue to monitor and learn more. We respectfully recommend that you do the same.
Blackbaud has reported that it has already implemented several security changes to protect constituent data from any subsequent incidents.
- You can read Blackbaud’s notification of the security incident here:https://www.blackbaud.com/securityincident
- And you can review more details about Blackbaud’s security, risk, compliance and privacy programs here:https://www.blackbaud.com/security
We are profoundly sorry for this breach. You have entrusted your generosity to us, and we will work even harder to ensure our business partners protect your privacy and safety.
If you have additional questions, please reach out to us at firstname.lastname@example.org or at 903-566-7054.
Copyright 2020 KLTV. All rights reserved.