Contact: Ryan Jarvi 517-599-2746Agency: Attorney General
September 18, 2020
LANSING – Michigan Attorney General Dana Nessel issued a consumer alert today telling Michigan residents, particularly college and other nonprofit donors, to beware of fraudulent emails and phone calls seeking personal information or suspicious donation requests.
The alert follows a ransomware attack on Blackbaud, a major provider of software services used by nonprofits in fundraising that resulted in the acquisition of donor information by a cybercriminal. Blackbaud customers include colleges, hospitals, churches and various other types of nonprofits throughout the U.S., including in Michigan.
Blackbaud notified affected customers using its services of the security breach, leaving it to those nonprofits to provide any notice to impacted individuals. The breach was reported by Blackbaud in mid-July.
The Blackbaud security breach and its impacts on nonprofits and consumers vary. Social Security numbers, credit card and bank account information were not accessed, according to Blackbaud. Accessed information generally included names, titles, telephone numbers, email addresses, mailing addresses, dates of birth and, more importantly, donor information such as donation dates, donation amounts, giving capacity, philanthropic interests and other donor profile information. Blackbaud claims that it has "no reason to believe that any data went beyond the cybercriminal, was or will be misused; or will be disseminated or otherwise made available publicly" but, to date, has not announced any concrete substantiation of this claim.
More on Michimich.com
"Donor information can be a roadmap identifying people willing and able to contribute to worthy causes and institutions. In the wrong hands, it can target individuals for exploitation and scammers," said Nessel. "Personal information with this level of detail, in the hands of fraudsters, is particularly susceptible to spear phishing – a fraudulent email to specific targets while purporting to be a trusted sender, with the aim of convincing victims to hand over information or money or infecting devices with malware. Anyone who receives a notification letter regarding the Blackbaud data breach should not dismiss the letter, and should not only take the recommended steps in the notice, but also remain vigilant for suspicious emails, texts or phone calls asking for personal information, donations or other payments."
Nessel urges every Michigan resident who gets a text, email or call that is supposedly from an organization or business asking for login credentials, credit card, bank account or any other personal information to hang up and not respond.
"The bottom line is this: Don't give a single piece of personal information – your birth date, the last four digits of your Social Security number, your PIN numbers – to anyone who calls," Nessel said. "Hang up the phone and call back to a number you know to be legitimate."
More on Michimich.com
For more information please read the Attorney General's Consumer Alert Data Breaches, What to do Next.
Consumers are encouraged to file consumer complaints with the Michigan Department of Attorney General online or by calling 877-765-8388.
Click here to view a copy of the Blackbaud consumer alert.
September 18, 2020
LANSING – Michigan Attorney General Dana Nessel issued a consumer alert today telling Michigan residents, particularly college and other nonprofit donors, to beware of fraudulent emails and phone calls seeking personal information or suspicious donation requests.
The alert follows a ransomware attack on Blackbaud, a major provider of software services used by nonprofits in fundraising that resulted in the acquisition of donor information by a cybercriminal. Blackbaud customers include colleges, hospitals, churches and various other types of nonprofits throughout the U.S., including in Michigan.
Blackbaud notified affected customers using its services of the security breach, leaving it to those nonprofits to provide any notice to impacted individuals. The breach was reported by Blackbaud in mid-July.
The Blackbaud security breach and its impacts on nonprofits and consumers vary. Social Security numbers, credit card and bank account information were not accessed, according to Blackbaud. Accessed information generally included names, titles, telephone numbers, email addresses, mailing addresses, dates of birth and, more importantly, donor information such as donation dates, donation amounts, giving capacity, philanthropic interests and other donor profile information. Blackbaud claims that it has "no reason to believe that any data went beyond the cybercriminal, was or will be misused; or will be disseminated or otherwise made available publicly" but, to date, has not announced any concrete substantiation of this claim.
More on Michimich.com
- Michigan: Video: In wake of road worker deaths, Gov. Whitmer reminds travelers to drive like this is your workplace
- Michigan: 'Railroad Dock' boating access site to close temporarily in Menominee County
- Michigan: Maintenance project on M-55/I-75 BL near West Branch starts next week
- Michigan Indian Legal Services Halloween Party
- Flagstar Bancorp, Inc. Announces Proposed Offering of Subordinated Notes
"Donor information can be a roadmap identifying people willing and able to contribute to worthy causes and institutions. In the wrong hands, it can target individuals for exploitation and scammers," said Nessel. "Personal information with this level of detail, in the hands of fraudsters, is particularly susceptible to spear phishing – a fraudulent email to specific targets while purporting to be a trusted sender, with the aim of convincing victims to hand over information or money or infecting devices with malware. Anyone who receives a notification letter regarding the Blackbaud data breach should not dismiss the letter, and should not only take the recommended steps in the notice, but also remain vigilant for suspicious emails, texts or phone calls asking for personal information, donations or other payments."
Nessel urges every Michigan resident who gets a text, email or call that is supposedly from an organization or business asking for login credentials, credit card, bank account or any other personal information to hang up and not respond.
"The bottom line is this: Don't give a single piece of personal information – your birth date, the last four digits of your Social Security number, your PIN numbers – to anyone who calls," Nessel said. "Hang up the phone and call back to a number you know to be legitimate."
More on Michimich.com
- New Semiconductor Chip from NS Nanotech Emits Far-UVC Disinfectant Ultraviolet Light to Neutralize Coronavirus
- Launching New No Touch Tool Made from EPA Registered Alloy
- Michigan: MDHHS announces $50,000 grant for direct care worker infection control training
- Michigan: AG Lawsuit Stops Trump Administration's Cuts to SNAP Food Assistance for 700,000 Unemployed Americans
- Michigan Civil Rights Commission Recognizes Contributions of Michigan's LGBTQ Community, Reaffirms Commitment to Protection for LGBTQ Civil Rights under ELCRA
For more information please read the Attorney General's Consumer Alert Data Breaches, What to do Next.
Consumers are encouraged to file consumer complaints with the Michigan Department of Attorney General online or by calling 877-765-8388.
Click here to view a copy of the Blackbaud consumer alert.
0 Comments
Latest on Michimich.com
- Rose McGowan to Headline Movement for a People's Party Debate Response
- Waterford Dentist Contributes To Nationally Renowned Textbook
- Michigan: Public comment period closes for Enbridge Line 5 tunnel proposal
- Michigan: MDHHS issues Emergency Order updating requirements for residential care facilities to allow for indoor visitation
- Michigan: Voting resources available for housing insecure or homeless individuals
- Michigan: U.P. roadside parks set to close for season
- Michigan: UIA offers new phone appointment option for claimants requiring one-on-one support
- BeBop Sensors' Forte Data Glove Adds Haptic Interaction Support for Oculus 2 and Unreal Engine
- LYRIC names Toni Newman as New Interim Executive Director and Jodi Schwartz as President
- BitRouter Announces Dihedral Software Release for its ATSC3pro Receiver at NAB Show New York
- Continental Structural Plastics, Inapal Components Reduce Weight, Complexity for New Luxury SUV in Europe
- Meridian and Samsung Donate Smartphone Devices to Healthcare Providers in Michigan
- WeFunder Secured and Launches Crowdfunding for Emerging AI Startup
- Braeden Lichti - What's Next for the Healthcare Sector?
- Scottsdale Plastic Surgeon Dr. Patti Flint now offering sought-after lip lift procedure
- Entrepreneur, Investor Signs $100,000 Contract With Hotel To Host First Female Founders Pitch Summit Despite Pandemic
- USDA approves Michigan's industrial hemp state plan
- Michigan: Voters should hand-deliver absentee ballots to avoid postal delays
- Michigan: AG Nessel Joins Coalition Opposing Alabama's Attempt to Ban Curbside Voting
- New Partnership Aims to Create COVID-Safe Zones for Return to Work, Travel, Conferences and Live Events