Software firm Blackbaud to pay $3 million for misleading disclosures on ransomware attack – SEC
WASHINGTON (Reuters) – Software company Blackbaud Inc has agreed to pay $3 million to settle charges it made misleading disclosures about a 2020 ransomware attack that impacted over 13,000 customers, the U.S. Securities and Exchange Commission said on Thursday.
The South Carolina-based provider for donor data management software reported a ransomware attack in July 2020. According to the SEC, the attacker did not have access to bank account information or Social Security numbers, but the SEC stated that the attacker was not authorized to gain bank account information.
“Within days” The SEC stated that some employees of the company learned from those disclosures that the attacker had accessed the information and taken it. According to the SEC, employees failed to inform senior managers who are responsible for public disclosure that the firm did not have proper disclosure controls and procedures.
According to the SEC, Blackbaud submitted a quarterly report to the agency in August 2020 that did not contain any material information regarding the scope of the attack.
Blackbaud’s attorney did not immediately respond when a request was made for comment.
(Reporting by Kanishka S in Washington, Chris Prentice New York; Editing By Chris Reese & Leslie Adler
“From Software firm Blackbaud to pay $3 million for misleading disclosures on ransomware attack – SEC”
“The views and opinions expressed here are solely those of the author of the article and not necessarily shared or endorsed by Conservative News Daily”
" Conservative News Daily does not always share or support the views and opinions expressed here; they are just those of the writer."
