Sue Ryder, like many charities, use Blackbaud as a third-party service provider to manage our communication with our fundraisers and supporters.
On Thursday 16 July 2020, Sue Ryder was contacted by Blackbaud who informed us of a data security incident in their system that was discovered in May 2020.
Upon discovery of the data security incident, the Blackbaud cyber-security team were able to remove the cybercriminal from their system. However, it is understood that the cybercriminal was able to make a copy of the data stored on the Blackbaud system.
Blackbaud has assured us that the risk to Sue Ryder and our supporters is very low as Sue Ryder does not store any credit card information of its supporters and bank details and passwords were encrypted. Blackbaud has also informed us that there is no reason to believe that any data was or will be misused
Blackbaud has included further details about the incident here.
Our supporters are incredibly important to us. Once we were made aware of the data breach, we launched our own investigation into the incident and immediately reported it to the ICO (Information Commissioner's Office).