On July 16, the Archdiocese of Denver was notified by one of its third-party software service providers that the provider had experienced a cybersecurity incident. Specifically, Blackbaud, a software company that provides customer relationship management and financial development software services to approximately 35,000 independent schools, universities and non-profit organizations, including the Archdiocese, was the subject of a cyber-attack in May. The Archdiocese, on behalf of itself and the ministries it serves, licenses Blackbaud’s cloud hosted donor data management software.
As shared publicly by Blackbaud, Blackbaud hired an outside cyber forensics team and engaged law enforcement to evaluate the breach. Additionally, the Archdiocese’s IT team worked with Blackbaud to assess possible breach ramifications to Archdiocesan/ ministry donors. Though files containing Archdiocesan/ministry donor information were breached, Blackbaud took immediate, high level action and can now confirm that it has “ . . . no reason to believe that any data went beyond the cybercriminal, was or will be misused; or will be disseminated or otherwise made available publicly.” Know also that any encrypted information that an institutional client might maintain with Blackbaud (e.g., credit card information, bank account information, SSNs) was not accessed by the cybercriminal. That said, the Archdioceses/its ministries do not collect and store such personal donor information as a matter of both strict Archdiocesan policy and practice.
Keeping our donor data secure is a top priority. Blackbaud has assured its clients that it has since fixed the security issue that led to this event, and will of course continue to work with its IT experts to continue to maintain a secure cloud data center.
Though no further developments are expected in this matter, the Archdiocese/its ministries will promptly advise its ministry supporters should that change. We apologize for any concerns this event may cause you. Your commitment and dedication to the Church’s vital ministries cannot be understated. Should you seek further information regarding this breach, we invite you to reach out to the Archdiocese’s Mission Advancement / Donor Development offices at 720-476-7488.
May the grace of God be with us all.
