Blackbaud Security Incident | | Loyola Medicine

Blackbaud Security Incident

September 25, 2020

At Trinity Health safety is a top priority – including the safety of your personal information, which is why it is important that you are made aware of a potential issue involving your personal information.

We were recently notified by Blackbaud, a third-party service provider in the fundraising industry, that their company was the target of a recent cyber-attack, which has been reported to have affected more than 25,000 educational institutions and charities across the world. It is important to know, the cybercriminals did not attack Trinity Health’s information systems, such as medical records systems.

You can learn more about the Blackbaud security incident here.

In addition to the investigation by Blackbaud, Trinity Health is conducting our own investigation of the situation. This internal investigation is ongoing. We are working diligently to understand the impact of this matter on our donors and are communicating with individuals whose information was affected.

We deeply regret that this incident occurred and apologize for any concern or inconvenience you may experience from this notification.

If you have any questions or concerns, please contact our dedicated hotline at 877-461-2589 between 8:00 a.m. to 5:30 p.m. Central Time, Monday through Friday and a representative will be able to assist you.

Frequently Asked Questions

Who can I contact if my information was affected by this breach?

If you have any questions or concerns, please contact our dedicated hotline at 877-461-2589 between 8:00 a.m. to 5:30 p.m. Central Time, Monday through Friday and a representative will be able to assist you.

What is Blackbaud?

Blackbaud is a world-leading provider of fundraising and donation customer relationship management tools for non-profit and higher education organizations.

What happened?

On July 16, 2020, Blackbaud notified Trinity Health and other customers of a cyber-attack involving Blackbaud’s network, including ransomware, that impacted certain donor database back-up files maintained by Blackbaud, including Trinity Health’s fundraising database. It is important to know, the cybercriminals did not attack Trinity Health’s information systems, such as medical records systems.

Blackbaud reported the cyberattack occurred between April 18, 2020 - May 16, 2020. Blackbaud reported that, based on its investigation, the cybercriminals responsible for the attack could have obtained access to various and limited types of information in the client back-up files. Upon receiving this notice, Trinity Health took immediate steps to begin its own investigation to determine what, if any, sensitive Trinity Health data was potentially impacted. Please note that this attack did not occur within the information systems of Trinity Health or any affiliated Ministry.

Did the cybercriminals access my medical record?

The cybercriminals did not attack Trinity Health’s or any affiliated ministry's information systems, such as medical records systems. The fundraising database in the Blackbaud system was the target of the cyberattack.

What information of mine was potentially accessed by the criminals?

The types of information accessible within the Blackbaud system are identified in the letter you received.

Blackbaud services are highly customizable from client to client who may use the Blackbaud database differently. Blackbaud has reported that the cybercriminals responsible for this attack did not have access to financial information, such as your credit card information, bank account information, or social security number. However, they might have obtained access to various types of information.

Our forensic investigation determined that some data fields were encrypted and would not be accessible to the cybercriminals. Other fields were not encrypted and could have been accessible to the cybercriminals including information such as: donor relation to patient, patient discharge status, name of patient insurance and patient department of service, your name, contact information, donation history. This database information spans from 2000 to 2020.

Your personally identifiable information and protected health information data elements that could have been exposed in the cyberattack are: full name, address, phone numbers, email, most recent donation date, date of birth, age, inpatient/outpatient status, dates of service, hospital location, patient room number, and physician name if you were a patient of a Trinity provider.

Why was patient information included on the Blackbaud database?

After a patient receives care at a Trinity Health ministry, our Philanthropy teams reach out with the opportunity to express gratitude in honor of their care teams. We call this activity our "Grateful Patient Program." A form of grateful patient program is implemented at many major, non-profit health care institutions. University fundraisers approach their alumni in a similar way.

Limited patient information was included in the database, the examples below are not all inclusive. The examples listed are meant to provide insight into how we use the information in our database.

Date of last service is included so that former patients are not contacted too soon after care.

A referring physician is included to ensure that we honor the patient's wishes if they return a gift or thank you. Patient responses do not always include the name of the physician or there are misspellings.

Age is used to exclude minors from mailings. We consider age to offer information in a way that is preferred by that age group. For example, an elderly patient may prefer to receive communication via mail rather than email.

Have you conducted an internal investigation? How will you secure my data?

The nature of this attack was large and complex, and our internal investigation is substantially complete. The cyberattack involved Blackbaud’s network and impacted certain donor database backup files maintained by Blackbaud, including Trinity Health's donor database. Please note that this attack did not occur within the information systems of Trinity Health. We began notifying affected individuals on September 14, 2020. Due to the large volume of notifications, the notifications are being mailed out in waves until all impacted patients, donors and individuals are notified.

Blackbaud reported that they quickly locked out the cybercriminals and resolved the issue. Additional details about the security incident are available by visiting Blackbaud’s website, which includes information about Blackbaud’s steps to ensure this issue does not happen again. Unfortunately, a sophisticated attack against Blackbaud circumvented Blackbaud’s security measures protecting the information in their care leading to this incident.

Trinity Health takes security of your information seriously and makes significant investments in the protection of your information to reduce this type of event from occurring. Trinity Health is working with Blackbaud as it takes measures to further secure the information in their care to keep this type of event from occurring again. We deeply regret that this incident occurred and apologize for any concern or inconvenience you may experience from the notification.

What do I need to do?

You do not need to take any action at this time. As always, you should remain vigilant and monitor your personal information to ensure it is not being used maliciously. This includes watching for fraudulent emails or text messages that appear to come from Trinity Health, as these might include links to dangerous websites or have attachments that may infect your computer.

Stay in touch. Sign up for our Newsletter.
Sign-up Today
Office of Philanthropy: 2160 S. First Avenue Maywood, Il 60153
Phone Number: 708-216-3201
Email: philanthropy@luhs.org