IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Blackbaud Breach: 78K Delaware Hospital Donors Affected

Bayhealth, a health-care provider serving southern and central Delaware, has notified 78,000 patients and donors that their information was involved in a May data breach of the nonprofit service provider Blackbaud.

hospital_shutterstock_159380372
Shutterstock/Tyler Olson
(TNS) — Bayhealth has notified 78,000 patients and donors that their information was involved in a Blackbaud data breach.

Blackbaud is a Charleston, South Carolina-based company which provides cloud computing systems for many nonprofit organizations. The company discovered in May that it had suffered a ransomware attack. HealthITSecurity.com reports over 6 million people were affected.

"The cybercriminal may have accessed some unencrypted fields intended for bank account information, social security numbers, usernames and/or passwords," the company wrote in a U.S. Securities and Exchange Commission report.

Customers believed to have had this particularly sensitive information exposed were notified the week of Sept. 27, according to Blackbaud's website.

Bayhealth has campuses in Milford and Dover.

Spokeswoman Danielle Pro-Hudson said in a press release that, after examining the compromised database, the Bayhealth information affected did not include credit card or bank account information or Social Security numbers. It also did not include Bayhealth medical systems or electronic health records.

Letters were sent in early November to those potentially impacted.

"The compromised data may have included information about a hospitalization such as physician name or department of hospital service. Additionally, publicly available information such as name, gender, mailing address, email address and phone number may have been viewed," Pro-Hudson said.

ChristianaCare was impacted by the Blackbaud breach, as well. They announced in September that almost 27,000 patients and donors may have been involved.

ChristianaCare also said their affected data did not include financial account information, Social Security numbers or patient records.

©2020 Dover Post, Distributed by Tribune Content Agency, LLC.