Inova Suffers Third-Party Data BreachInova Suffers Third-Party Data Breach
The breach occurred as part of a ransomware attack against service provider Blackbaud.
September 10, 2020
Inova Health Systems has notified customers that it was hit by a ransomware attack through a third-party vendor. Blackbaud, a vendor that provides fundraising support to nonprofit organizations, was itself hit by an attack that resulted in Inova data being exfiltrated from the Blackbaud servers.
According to Blackbaud, data was exfiltrated between February 7, 2020, and May 20, 2020. The exfiltration was part of a ransomware attack that did not succeed in encrypting significant data at Blackbaud. Ultimately, though, the company says that it paid a ransom in order to have the exfiltrated data destroyed, which it says was done.
The exfiltrated data included personally identifiable information on patients and donors to Inova, though it did not include Social Security numbers or payment information. Blackbaud says that it has remediated the vulnerability that allowed the attack, and that its data is now safe.
For more, read here.
About the Author(s)
You May Also Like
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
What's In Your Cloud?Nov 30, 2023
Everything You Need to Know About DNS AttacksNov 30, 2023
Passwords Are Passe: Next Gen Authentication Addresses Today's Threats
How to Deploy Zero Trust for Remote Workforce Security
What Ransomware Groups Look for in Enterprise Victims
How to Use Threat Intelligence to Mitigate Third-Party Risk
Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks