Blackbaud data issue

In May, Blackbaud discovered and subsequently stopped a ransomware attack on its systems. However, some data may have been compromised. You may be aware from the news that a significant number of UK universities and charities have been affected by this issue and, unfortunately, this list includes the University of Surrey.



Blackbaud notified us of the breach in July that personal data affected may include your name, gender, date of birth, email address and details about your engagement with Surrey, such as event attendance. Subsequently, Blackbaud have announced that a subset of their customers have had their personal financial data comprised, this does not include the University of Surrey and we have been assured the data compromised did not contain any bank details or credit card information.

 

We have taken the following actions in response to this incident:

• Informed the Information Commissioner’s Office (ICO) about the breach
• Taken the decision to inform alumni and friends as soon as we could with the information available to us
• Initiated a review of our relationship with Blackbaud, including requesting them to detail the steps that they will take to ensure that they will not be affected by similar incidents in the future.

There is no need for you to take any specific action. However, we recommend you remain vigilant and report any suspicious activity or suspected identity theft to the relevant authorities. We take data security extremely seriously and our privacy notice details how we use your data and how we keep it safe.

 

If you have any questions please contact us by emailing alumni@surrey.ac.uk. You may also reach us on 01483 689236 for a callback service.

 

We understand that this news will cause concern and we are very sorry for any distress or inconvenience it may cause.