Blackbaud Ordered To Overhaul Security Practices

Feb 5, 2024, 1:53 PM

(from the Chronicle of Philanthropy) Four years after a major data breach left Blackbaud scrambling to protect sensitive data at 13,000 nonprofits, the Federal Trade Commission ordered the company to delete unnecessary personal data and boost its cybersecurity safeguards. As part of its ruling, the FTC will require that Blackbaud develop a comprehensive information-security program and a detailed plan for when and why it retains personal data. Additionally, the kind of basic scenario testing, multi-factor authentication, and responsible data stewardship included in the FTC’s ruling could be a good place for both tech companies and nonprofits themselves to start. 

More from Chronicle of Philanthropy