Sunnybrook Statement: Notice of Blackbaud data breach

August 11, 2020

Sunnybrook Foundation recently learned that one of our third party service providers, Blackbaud, experienced a ransomware attack that involved many of its charitable and not-for-profit organizations around the world, including Sunnybrook Foundation. In a ransomware attack, cyber criminals attempt to disrupt a business by locking companies out of their own data and servers.

Sunnybrook Foundation uses Blackbaud’s customer management relationship platform to manage donor and organization data.

Financial information such as banking or credit card information was not impacted.

What happened

Blackbaud has told us that, after discovering the attack, Blackbaud’s Cyber Security team—together with independent forensics experts and law enforcement—successfully prevented the cybercriminal from blocking system access and fully encrypting files; and ultimately expelled them from the system.

Blackbaud informed Sunnybrook that Blackbaud paid a ransom and the cybercriminal confirmed that copies removed were destroyed.

Blackbaud has also hired a forensic firm to monitor the internet and dark web for any signs of the breached data.

What information was involved

A subset of our donor database was impacted. We believe that the data could have included name, address, email address and details of online donations to Sunnybrook Foundations.

Financial information such as banking or credit card information was not impacted. Data involved in this incident came from the Sunnybrook Foundation only. Hospital records were not involved in any way.

What Sunnybrook Foundation is doing

We have notified directly by email the individuals whose information may have been impacted by the breach. If we learn through our investigation that additional donor information was accessed, we will contact those donors directly.

Sunnybrook Foundation takes donor privacy and data security seriously and we continue to work with Blackbaud to understand why this happened and what steps they are taking to increase their security.

What you can do

There is no further action for you to take at this time, but we recommend and encourage you to remain vigilant and report any suspicious activity or any suspected identity theft to your local law enforcement agency.

We regret the inconvenience that this issue may cause. We are here to address your questions or concerns. You can contact the Sunnybrook Foundation team by emailing foundation@sunnybrook.ca.