By Legal Futures’ Associates Hayes Connor Solicitors
It has recently been reported that tech firm Blackbaud was targeted by a ransomware attack in May with at least 12 universities and 50 charities affected in the UK and North America.
The leading cloud software provider has stated that no financial data was accessed and that all the personal information stolen has since been destroyed after it paid the ransom to prevent further risk.
Christine Sabino, senior associate at data breach and cybercrime specialist Hayes Connor Solicitors, said: “The Covid-19 pandemic has delivered the perfect environment for cybercriminals as private, public and third sector organisations try to survive this period intact.
“It appears that Blackbaud has responded quickly to protect individuals’ stolen data from being used fraudulently however, not all businesses will be able to meet the financial demands should they fall foul of increasingly sophisticated hackers.”
The UK organisations affected by the breach include The National Trust, Young Minds, The University of York and University College, Oxford.
Richard Forrest, senior associate at data breach and cybercrime specialist Hayes Connor Solicitors, commented: “It is easy to see why cybercriminals have targeted one of the largest software providers in the world however, while Blackbaud was financially capable of mitigating further risk by paying the ransom demand, few businesses can afford to risk being placed in this position.
“Prior to the pandemic, cybersecurity reports have shown that businesses are still not investing enough to prevent cyber-attacks. Organisations are faced with two key threats – the pandemic and fast acting opportunistic cybercriminals.
“It is a ticking time bomb for those who failed to implement robust data protection measures pre Covid-19 as hackers relish the opportunities that this now presents. In the event that a business refuses to meet ransomware demands, private data still has a value and can be sold on to third parties. In this event, the reputational damage to the organisation may prove fatal and the financial and psychological impact on affected individuals significant.
“Businesses are strongly advised to take all the appropriate measures to protect the private data processed, stored and shared – both by them and their supply chain – immediately before it is too late.”
For more information about Hayes Connor Solicitors, visit the website at www.hayesconnor.co.uk