MiracleFeet’s Commitment to Our Donors
MiracleFeet is immensely grateful for our dedicated and passionate supporters around the world whose generosity makes our work to end clubfoot disability possible. The trust of our donors is vital to our mission, as is our deep commitment to transparency.
In this spirit of transparency, we wish to inform the MiracleFeet community of a security breach involving a third-party vendor, Blackbaud—one of the world’s largest providers of fundraising and constituent management services for nonprofits.
Notice of Blackbaud Data Security Incident
On July 16, 2020, MiracleFeet was notified of the incident. According to Blackbaud, it was the target of a ransomware attack between February and May 2020. A cybercriminal removed a sub-set of data belonging to various Blackbaud clients, including MiracleFeet and many other nonprofits, from Blackbaud’s system.
Blackbaud stated that it paid a ransom in exchange for confirmation that the removed data had been destroyed. Blackbaud believes that no further use has been or will be made of that data, and Blackbaud reported the incident to relevant law enforcement agencies and to the information regulators in the countries in which their customers operate. Blackbaud has assured us that to prevent something like this from happening in the future, they have implemented several changes to protect constituent data from any subsequent incidents.
What we are doing
Upon receiving notice from Blackbaud, MiracleFeet immediately initiated an investigation to assess what information of our donors was involved in the breach. As part of our investigation, we engaged professionals experienced in handling these types of incidents.
We determined that the data involved in the breach may have included names of donors, contact information, and donation amounts. Please note that no credit card or bank account information for any MiracleFeet donor, past or present, was involved or compromised because we do not store that information in the affected Blackbaud system.
MiracleFeet takes the privacy and security of information in our care very seriously. We are reviewing and evaluating our existing policies and procedures related to third-party vendor management of data. We also will work with Blackbaud, or any other vendor we use in the future, to implement appropriate measures and safeguards to protect against this type of incident going forward.
Steps you can take
While we do not believe there is a specific threat to your privacy or security, we recommend that you always remain vigilant for any suspicious activity. If you have any questions or would like to speak to a member of our team, please contact us at firstname.lastname@example.org or by phone at +1 (919) 240-5572 during normal business hours.