Blackbaud Incident








RE: Notice of Data Breach


Friends of ISU,

We are writing to let you know about a data security incident that may have involved your personal information. Idaho State University Foundation takes the protection and proper use of your information very seriously. While we have no reason to believe your data has been used, and neither do the applicable statutes require it, out of an abundance of caution and concern we are contacting you to explain the incident and provide you with steps you can take to protect yourself.


What Happened


We were recently notified by one of our third-party service providers of a security incident. At this time, we understand they discovered and stopped a ransomware attack. After discovering the attack, the service provider’s Cyber Security team—together with independent forensics experts and law enforcement—successfully prevented the cybercriminal from blocking their system access and fully encrypting files; and ultimately expelled them from their system. Prior to locking the cybercriminal out, the cybercriminal removed a copy of our backup file containing your personal information. This occurred at some point between February 7, 2020 and May 20, 2020.


What Information Was Involved


It’s important to note that the cybercriminal did not access your credit card information, bank account information, or social security number. However, we have determined that the file removed may have contained your contact information such as address, phone number and email address. Additionally, data regarding your giving history to Idaho State University (date of gift, amounts, fund), if any, were included, as well as maiden name and birthdate if this information was in the system.


Because protecting customers’ data is their top priority, our third-party service provider paid the cybercriminal’s demand with confirmation that the copy they removed had been destroyed.


Based on the nature of the incident, their research, and third party (including law enforcement) investigation, we have no reason to believe that any data went beyond the cybercriminal, was or will be misused, or will be disseminated or otherwise made available publicly.


What We Are Doing


We are notifying you so that you can take immediate action to protect yourself. Ensuring the safety of our constituents’ data is of the utmost importance to us. As part of their ongoing efforts to help prevent something like this from happening in the future, our third-party service provider has already implemented several changes that will protect your data from any subsequent incidents.


First, the provider’s teams were able to quickly identify the vulnerability associated with this incident, including the tactics used by the cybercriminal, and took swift action to fix it. They have confirmed through testing by multiple third parties, including the appropriate platform vendors, that the fix withstands all known attack tactics. Additionally, they are accelerating their efforts to further harden their environment through enhancements to access management, network segmentation, deployment of additional endpoint and network-based platforms.


What You Can Do


As a best practice, we recommend you remain vigilant and promptly report any suspicious activity or suspected identity theft to us and to the proper law enforcement authorities. Identity theft should also be reported to the Federal Trade Commission (FTC) online at or by phone at (877) 438-4338, and to your financial institution and credit reporting agencies.


For More Information


We sincerely apologize for this incident and regret any inconvenience it may cause you. Should you have any further questions or concerns regarding this matter, please do not hesitate to contact Shauna Croft at (208) 282-3470 or



  Dave Jeppesen

Board Chair




Idaho State University Foundation

921 South 8th Ave., Stop 8050 | Pocatello, ID 83209-8050 | (208) 282-3470 |


921 South 8th Ave, Stop 8050
Pocatello, Idaho, 83209-8050