Dear SOU supporters,
This notice is to inform you that the SOU Foundation is one of several nonprofits affected by a data security incident involving one of our vendors, Blackbaud, that may have involved some of your personal information.
We learned of the breach from Blackbaud on Thursday, July 16, and are contacting you as a precautionary measure to explain the incident. The SOU Foundation is working with our legal counsel to understand the full extent of the breach. We remain committed to ensuring that the privacy rights of our supporters is a top priority.
Information about the Incident
Blackbaud has confirmed that the cybercriminal did not access credit card information, social security numbers, bank account information, usernames, or passwords because they were encrypted. However, the breached file may have contained information pertaining to your relationship to the SOU Foundation, including past donations and demographic data. A full description of the incident is available here. (note: this link will take you to a third party website, blackbaud.com).
Preventative Measures Taking Place
Blackbaud is accelerating its efforts to further strengthen its security controls. The company has identified the vulnerability associated with this incident and has taken swift action to eliminate it. The company has confirmed through testing by multiple third parties that its fix withstands all known attack tactics.
The SOU Foundation is also reviewing all policies around data confidentiality and donor privacy to ensure current best practices are reflected and in use by us and our partners.
We regret any inconvenience this breach may cause you and sincerely apologize for this incident. Please email or call us at 541-552-6127 if you have further questions.
The Southern Oregon University Foundation