This is an Active case

Consumer Fraud Protection/

Blackbaud Data Breach Lawsuit

Blackbaud Data Breach Lawsuit

Share
A graphic with blue padlocks and a large unlocked red padlock, overlaid and underlaid with glowing numbers and letters

The Legal Team

View Other Attorneys

Data breach lawyers

Case Overview

Blackbaud, a software company that provides cloud-based services to charitable foundations, educational and health institutions, religious organizations, and other non-profits, is at the center of a data breach that could affect as many as 45,000 of its clients globally. Millions of names, addresses, phone numbers and other personal information —including that of children—may have been compromised in a ransomware attack and resulting data breach. Some people’s patient information was also removed.

Whether you’re doing business, going to school, or managing your health, you should be able to trust that that the companies you share your private information with will take necessary precautions to protect you from cybercriminals. Motley Rice data breach attorneys filed a proposed class action suit in September 2020 for a child and other victims affected by the cyberattack. The suit alleges Blackbaud’s security measures were inadequate and did not protect scores of individuals and businesses against unauthorized access by third parties, despite being aware of a steady increase of cyberattacks in recent years.

Feb. 18, 2021

MARLON KIMPSON APPOINTED CO-LEAD COUNSEL IN BLACKBAUD MDL

U.S. District Judge J. Michelle Childs appointed Motley Rice attorney Marlon Kimpson as co-lead counsel for plaintiffs who allege software company Blackbaud released their most sensitive data to criminals in a ransomware attack and subsequent data breach that compromised the private information of tens-of-thousands of the company’s clients and millions of people, worldwide. Read more.

Read more on Marlon’s appointment in the National Law Journal, “MDL Judge Taps 'Most Diverse Leadership Team Ever' in Data Breach Class Action.”

Blackbaud data breach background 

Cybercriminals began a ransomware attack on South Carolina-based software provider Blackbaud in February 2020. Three months passed before the company discovered and stopped the attack in May 2020. Blackbaud waited until July 2020 to alert the public.

According to a statement release by Blackbaud, the company’s cybersecurity team collaborated with independent forensics experts and law enforcement to lock the cybercriminals out of its system after it discovered the breach. However, the measures took place well after the criminals had already gained access and compromised a trove of data. 

Blackbaud paid the cybercriminals a ransom to destroy their copy of the data, and the company claims no credit card, bank account or social security numbers were compromised. When notified of the attack, victims, however, were still advised to monitor their own credit and accounts for suspicious activity.

Blackbaud has not offered or provided victims any recourse, including means to acquire credit monitoring or otherwise compensate victims for the harm done. 

On Sept. 15, 2020, Motley Rice filed litigation against the company. Read the complaint. On Dec. 7, 2020, Motley Rice updated the filing, adding more details about the allegations. Read the complaint.

Motley Rice data breach experience

Motley Rice attorneys represent and have filed litigation for victims in multiple cybersecurity breaches that left millions of victims susceptible to identity theft. Our experience includes litigating the massive Equifax data breach that affected 143 million Americans in 2017, as well as representing Marriott and Starwood hotel guests affected by a series of data breaches over the course of several years that potentially exposed passport information and other personal data for up to 500 million customers. Attorney Jodi Westbrook Flowers serves as co-liaison counsel of the 21st Century Oncology data breach Plaintiffs’ Steering Committee overseeing litigation filed for patients who allege their medical records were exposed by the company due to a lack of security.

Jodi also leads a team of Motley Rice attorneys in an investigation into claims that Facebook violated privacy laws by allowing third parties to harvest private information from millions of the network’s users. Read more on our experience.

Read more on the Motley Rice Legal Blog: