Leeds Piano Competition confirm Blackbaud ransomware breach

Organisers of the Leeds International Piano Competition have confirmed that it was victim to a national cyber attack which hacked into people's personal data.

Wednesday, 5th August 2020, 6:00 am
Masaru Yoshitake performing in the Leeds International Piano Competition in 2015. Picture by Alex Whitehead/SWpix.com

Software company Blackbaud, who provide services for non-profit industries and universities across the UK, was targeted by cyber-criminals in May.

The company paid a ransom and "received assurances from the cybercriminal that the data had been destroyed", according to The University of York.

Leeds International Piano Competition, which runs every three years, sent an email to assure people that "very minimal" data was involved."

Sign up to our daily newsletter

The i newsletter cut through the noise

The email states: "You may have seen reports in the news recently about a cyber incident which has affected multiple charities and non-profit organisations in the UK and elsewhere, including the National Trust and a number of UK universities.

"We too, at the Leeds International Piano Competition, have been affected, although we want to assure you that very minimal data was involved.

"Nevertheless, we wanted to write to inform you of the details, as ensuring the safety of your data is of the utmost importance to us.

"On Thursday 16 July we were made aware of a data breach involving one of our third-party service providers, Blackbaud, which involved some of the data we hold about you. Blackbaud provides us with our customer relationship management system and is one of the world’s largest providers of such systems for charities and non-profits.

"In Blackbaud’s official communication to customers they stated that this was a malicious, criminal act.

"Blackbaud paid the cybercriminal’s demand with confirmation that the copy of data they removed had been destroyed.

"Based on the nature of the incident, their research, and law enforcement investigation, they have no reason to believe that any data went beyond the cybercriminal, was or will be misused, or will be disseminated or otherwise made available publicly.

Read More

Read More
University of Leeds second in Yorkshire to confirm Blackbaud ransomware breach

"No action is required from you at this time.

"In line with best practice, though, we recommend that you remain vigilant. Any suspicious activity or suspected identity theft should be reported promptly to the appropriate law enforcement authorities. If you have any questions, please get in touch at [email protected] – we’re here to help."