Re: BBC reports on a breach and extortion and DOES...

rslade · ‎10-01-2020

Blackbaud is a company that makes software used by charities. You may wish to find out if your favourite charity uses Blackbaud, because they've had a breach. Blackbaud says the data theft involved personal information, but not payment details. I'm not sure how that works, because Blackbaud's filing said "Further forensic investigation found that for some of the notified customers, the cyber-criminal may have accessed some unencrypted fields intended for bank account information, social security numbers, user names and/or passwords." (They do also say that the important fields should have been encrypted.)

Blackbaud said it has paid a ransom so that the data will not be released.

However, at no point in the story does the BBC use the word "ransomware." (Good for you, BBC!)

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468

tmekelburg1 · ‎10-02-2020

@rslade wrote:

However, at no point in the story does the BBC use the word "ransomware." (Good for you, BBC!)

Maybe if there were other forms of cyber extortion being reported in the media to get the masses used to the new attack method. For example, a DDoS attack that will only stop if they are paid 'X' amount of bitcoins. When threat actors continue to use malware as their traditional way to exfiltrate data, it will almost always be confused with ransomware. At least from my perspective.

BBC reports on a breach and extortion and DOES NOT USE THE WORD "RANSOMWARE"!!!