IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Rhode Island Entities Breached Through Software Service Provider

A ransomware attack against the Rhode Island College Foundation and the Providence Children’s Museum may have had personal information exposed when hackers targeted a software service provider used by both organizations.

Ransomware_shutterstock_668257165
Shutterstock
(TNS) — Rhode Island College Foundation and the Providence Children's Museum were both affected by a ransomware attack on an outside vendor that might have exposed personal information.

The information might have been compromised when vendor Blackbaud, a software service provider for engagement and fundraising, suffered a ransomware attack, the Providence Children's museum said in an email.

"Please be assured that PCM does not store credit card, banking information, or social security numbers in the Blackbaud environment, and therefore those data were not involved in the incident," the museum said in an email addressed to museum "friends."

In an email, the Rhode Island College Foundation said a copy of the foundation's backup file containing personal information was removed in the attack.

"Blackbaud asserts that the cybercriminal did not access credit card information, bank account information, or social security numbers," the email says.

"However, Blackbaud has determined that the backup file may have contained generic, non-sensitive information. Blackbaud has reported to us that based on the nature of the incident, their research, and third party (including law enforcement) investigation, they have no reason to believe that any data went beyond the cybercriminal, was or will be misused, or will be disseminated or otherwise made available publicly."

The museum was notified by Blackbaud on July 16. The attempted ransomware incursion began Feb. 7 and continued until May 20, according to the email.

"Prior to being locked out, the cybercriminal reportedly removed a copy of some Blackbaud customer backup files that may have contained personal information," the email says.

©2020 The Providence Journal, Distributed by Tribune Content Agency, LLC.