In a statement sent to donors and released to the Tribune on Friday, the Columbia campus stated it was informed of the data breach in late July and that hackers gained access to personal data stored in the company's cloud-based system.
No credit card numbers, bank information or Social Security numbers were exposed because MU did not provide that data to Blackbaud, the university stated.
"However, data such as names, street addresses, date of births, phone numbers and email addresses, as well as wealth holdings and net worth, could have been accessed during this incident," the statement read.
Missouri University of Science and Technology in Rolla issued a similar statement.
"This incident affected a significant number of other higher education institutions, nonprofit organizations and foundations, and included unauthorized access to personal data stored in the donor management platform," the Rolla campus stated.
In a statement issued July 16, Blackbaud described the hacking as a ransomware attack that obtained a copy of its online data. The company stated it was able to stop the attack before it shut down its system but was unable to prevent the data breach.
"Because protecting our customers' data is our top priority, we paid the cybercriminal's demand with confirmation that the copy they removed had been destroyed," the company stated. "Based on the nature of the incident, our research, and third party (including law enforcement) investigation, we have no reason to believe that any data went beyond the cybercriminal, was or will be misused; or will be disseminated or otherwise made available publicly."
In an email, Eric Stann of the MU News Bureau stated that the university had conducted an investigation of the incident and "shared this information as appropriate to their respective audiences."
©2020 Kirksville Daily Express, Distributed by Tribune Content Agency, LLC.
