Cloud computing vendor Blackbaud has been slugged with a $3 million civil penalty by the Securities & Exchange Commission (SEC) for untruthful exposures about a 2020 ransomware attack that involved more than 13,000 customers.
In July 2020, Blackbaud proved it made a ransom payment to support data recovery measures after ransomware actors contaminated its corporate network. As per the SEC statement, the South Carolina-based Blackbaud was not forthright regarding the scope of the data-extortion malware attack and vamoosed out material attributes about the range of the incident.
Blackbaud’s incident notice, which has since been removed from its website, said the assaulters did not access credit card data, bank account details, or the social security numbers of its clients. Now the SEC expresses it encountered Blackbaud’s declaration that the ransomware attacker did not enter donor bank account information or social security numbers misleading.
Read more: Blackbaud Fined $3M For ‘Misleading Disclosures’ About 2020 Ransomware Attack
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.