Go to Content Go to Navigation Go to Navigation Go to Site Search Homepage

Important notification: Blackbaud data breach

For Immediate Release: Aug. 11, 2020


As an important stakeholder and supporter of Planned Parenthood Great Plains, we are providing you details of a cybersecurity incident recently experienced by Blackbaud, Inc., a vendor of Planned Parenthood Federation of America and several affiliates, including ours.

Blackbaud manages data management software and cloud computing software used by many nonprofit organizations. The security breach Blackbaud servers experienced compromised some donor data, including donors to Planned Parenthood Great Plains.

What happened:

Blackbaud identified a ransomware cyber attack affecting certain information stored on its servers in May of this year. They responded to and contained the situation with the aid of law enforcement and cybersecurity and forensics experts. Blackbaud stated that these teams successfully prevented the cybercriminal from blocking Blackbaud’s system access and they ultimately expelled the cybercriminal from their system. Prior to locking the cybercriminal out, however, the cybercriminal removed a copy of a backup file. (Read Blackbaud’s statement about the incident.)

Unfortunately, the file the criminal was able to remove was a portion of the data stored on the company's servers, which included some information about you and other donors. Blackbaud has assured us that credit card information and banking information were not accessed by the cybercriminal and remain encrypted. However, Blackbaud determined that the information removed and presumably destroyed may have included: names; contact information, including telephone numbers, email addresses, dates of birth, and mailing addresses; and a history of donor relationships with our organization, such as donation dates, amounts, and other information in donor profiles.

Blackbaud has obtained confirmation that the stolen data was destroyed and has no reason to believe the information was or will be misused or made publicly available. Blackbaud has also hired a third-party team of experts to continue monitoring for any web activity involving potentially compromised data.

While Blackbaud discovered and contained this attack in May of this year, the company did not notify its clients — including Planned Parenthood — until mid-July. To say the least, we find this delay unacceptable, and we are extremely dissatisfied with Blackbaud's lack of transparency around this incident. We are deeply committed to the privacy of our supporters and have been working diligently since we were notified to obtain substantial, accurate information to share with you.

What Planned Parenthood is doing:

The security and privacy of our supporters and stakeholders is of the utmost importance to us. We want to emphasize that as a policy, Planned Parenthood Great Plains never stores credit card or bank account information in our donor database systems. Planned Parenthood Federation of America’s team  has been actively working on behalf of all affected affiliates with Blackbaud and has been assured that Blackbaud has already implemented several changes that will protect our data from any subsequent incidents. Those discussions are ongoing with Blackbaud, and PPGP will reach out with additional details if PPFA and Blackbaud’s joint analysis reveals more information on specific data exposure.

Although there is no action required from you at this time, and no credit card or banking information was exposed in the Blackbaud data breach, we want to provide you with contact information if you wish to speak to someone about this issue. 

Again, we regret the inconvenience this breach may have caused you and we are working to hold Blackbaud to a higher standard of data security in the future. Please know we are committed to protecting your personal information, and will keep you informed of any further changes in this situation.   

What you can do:

We want to emphasize again that Blackbaud has assured us that no credit card, bank account, or other information of that nature was compromised. However, as a best practice, we recommend that supporters remain vigilant. If you receive unsolicited requests for donations from us or other nonprofits, then call the number on the organization’s website to confirm the legitimacy of the solicitation.

If you would like specific information related to this security breach, please visit Blackbaud’s resource page. If you have any additional questions, please do not hesitate to contact us via email at [email protected] or by calling 913.345.4696.

You may also contact the Planned Parenthood national office for more information about the breach at Blackbaud and how Planned Parenthood will hold vendors to a high standard by clicking here or by calling 800.430.4907. 

You can view the details of our Privacy Policy here, and if you want to learn more from Blackbaud, here is their resource page: https://www.blackbaud.com/securityincident

Our commitment: 

We deeply regret that this incident occurred. While data breaches and ransomware attacks are becoming more common, this is not something Planned Parenthood Great Plains ever wants to happen to our valued supporters. The privacy of our supporters is of utmost importance to us.

Blackbaud has apologized to Planned Parenthood and, on behalf of Blackbaud and Planned Parenthood Great Plains, we sincerely apologize for any inconvenience this incident may cause you.

We know that every gift made to our organization is a choice. Thank you for your support of our work to provide and protect access to sexual and reproductive health care. Our mission is only possible because of your generosity, and we are dedicated to keeping your trust.

Español

This website uses cookies

Planned Parenthood cares about your data privacy. We and our third-party vendors use cookies and other tools to collect, store, monitor, and analyze information about your interaction with our site to improve performance, analyze your use of our sites and assist in our marketing efforts. You may opt out of the use of these cookies and other tools at any time by visiting Cookie Settings. By clicking “Allow All Cookies” you consent to our collection and use of such data, and our Terms of Use. For more information, see our Privacy Notice.

Cookie Settings

Planned Parenthood cares about your data privacy. We and our third-party vendors, use cookies, pixels, and other tracking technologies to collect, store, monitor, and process certain information about you when you access and use our services, read our emails, or otherwise engage with us. The information collected might relate to you, your preferences, or your device. We use that information to make the site work, analyze performance and traffic on our website, to provide a more personalized web experience, and assist in our marketing efforts. We also share information with our social media, advertising, and analytics partners. You can change your default settings according to your preference. You cannot opt-out of required cookies when utilizing our site; this includes necessary cookies that help our site to function (such as remembering your cookie preference settings). For more information, please see our Privacy Notice.

Marketing

On

We use online advertising to promote our mission and help constituents find our services. Marketing pixels help us measure the success of our campaigns.

Performance

On

We use qualitative data, including session replay, to learn about your user experience and improve our products and services.

Analytics

On

We use web analytics to help us understand user engagement with our website, trends, and overall reach of our products.