27/07/2020 in RZSS
We have recently been informed by one of our suppliers about a cyber-attack which has affected many organisations and charities worldwide, including RZSS.
The supplier is a company named Blackbaud, which provides database and technology services across the world.
Unfortunately, this cyber-attack may have involved some personal data belonging to members and adopters. We have been assured that the risk to our supporters is very low.
When did this happen – and what data was accessed?
The incident was detected in May this year. The information accessed included names, dates of birth, postal addresses, postcodes, telephone numbers and email addresses.
All financial and security details held by Blackbaud are encrypted, so this information remained secure.
What are the risks?
Blackbaud have worked closely with law enforcement and informed us that, to the best of their knowledge, the information obtained has been destroyed. We understand there is no evidence of the data being used and no reason to believe it will be.
Blackbaud have therefore assured us that the risk to our supporters is minimal.
What should supporters do?
While any risk is very low and further action has been taken to protect your data, we understand this cyber-attack may cause concern.
General precautions should be taken and any suspicious activity reported to Police Scotland on 101. This could include receiving bills for goods or services you did not order, or utility bills and bank statements not arriving as usual.
There is some useful information on the Information Commissioner’s Office and Police Scotland websites:
What actions have we taken?
We have notified the Information Commissioner’s Office and the Office of the Scottish Charity Regulator.
We are also continuing to investigate this matter with Blackbaud to ensure your data remains secure.
Blackbaud have published information about the cyber-attack on their website.
Thank you – and sorry
I would like to thank you for your support for RZSS and the animals you love. I am sorry that this happened and I can assure you personally that we take our responsibility to protect you and your data very seriously.
If you have any questions, please contact us at email@example.com. We will of course keep you informed with any updates and further advice.
Chief Executive Officer