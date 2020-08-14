Hackers may have accessed personal data of supporters of James Madison’s Montpelier, the Orange County historic site told its members and followers Wednesday.
The Montpelier Foundation, which administers the National Trust for Historic Preservation site, emailed people this week about the security incident and outlined what they can do to protect themselves.
Home of the nation’s fourth president, James Madison—father of the U.S. Constitution and architect of the Bill of Rights—Montpelier is one of Virginia’s premier venues for heritage tourism.
Blackbaud, the foundation’s online security firm, told its customers that it doesn’t believe the hacker shared the data it obtained. The U.S. firm serves hundreds of millions of users in more than 100 countries.
The company, which manages data for many nonprofits and educational institutions, told Montpelier it was targeted by a ransomware attack starting Feb. 7 that could have continued intermittently until May 20, Montpelier Foundation President and CEO Roy F. Young II wrote supporters.
Upon discovering the attack, Blackbaud’s security team brought in law enforcement and independent forensics experts and expelled the cybercriminal from its system, Young wrote.
“Blackbaud indicated that the cybercriminal did remove a copy of a backup file containing some of your personal information before being locked out of the system,” he added. “Blackbaud paid the cybercriminal's demand with confirmation that the copy the cybercriminal removed had been destroyed.”
“Based on the nature of the incident, our research, and third party (including law enforcement) investigation, we have no reason to believe that any data went beyond the cybercriminal, was or will be misused; or will be disseminated or otherwise made available publicly,” Blackbaud told customers in a statement. “This incident did not involve solutions in our public cloud environment (Microsoft Azure, Amazon Web Services), nor did it involve the majority of our self-hosted environment.”
The company expressed regret for the incident, saying it has notified the subset of customers
affected by the incident, supplying them with information and resources.
In his Aug. 12 email, Montpelier’s Young apologized for any inconvenience the cybercrime may cause them and urged people to contact the foundation with questions or concerns by emailing support@montpelier.org.
“It's important to note that the cybercriminal did not access your credit card information, bank account information, or Social Security number,” Young wrote. “However, Blackbaud indicated that the backup file that was removed, may have contained demographic information including customer and donor names, physical and email addresses, telephone numbers, and giving history. ... We are notifying you so that you can take immediate action to protect yourself.”
Blackbaud has “implemented several changes that will protect your data from any subsequent incidents,” Young said. “As a best practice, we recommend you remain vigilant and promptly report any suspicious activity or suspected identity theft to us and to the proper law enforcement authorities.”
