Como Friends warns donors of data breach

Como Friends, a nonprofit that supports Como Park Zoo and Conservatory, warned donors of a data breach Wednesday.

According to a letter from Como Friends President Jackie Sticha, a third-party vendor known as Blackbaud, which provides Como Friends’ donor database, had a ransomware attack on its systems earlier this year.

Como Friends said Blackbaud’s cybersecurity team, along with forensics experts and law enforcement, stopped the cybercriminal by blocking their access and fully encrypting files, and was able to expel the criminal from their systems. However, the cybercriminal was able to remove a copy of a backup file that may contain donors’ personal information.

The breach occurred between Feb. 7 and May 20.

Blackbaud eventually paid the cybercriminal’s demand with confirmation the stolen file was destroyed, Como Friends said. Blackbaud said it doesn’t believe any data was misused or disseminated.

While donors’ credit card and bank information wasn’t accessed, donors’ contact information and history with Como Friends may have been taken, Como Friends said.

The nonprofit said Blackbaud has already implemented several changes to prevent future data incidents.

Donors are still urged to remain vigilant and report any suspicious activity to law enforcement.