St. Cloud Technical & Community College has learned of a ransomware attack of its donor management software vendor, Blackbaud, which may have allowed access by an unauthorized individual to not public data on students, alumni, and employees.
Much of the data stored by Blackbaud is considered directory information under the Family Educational Rights and Privacy Act (FERPA) and is therefore public data under Minnesota law. However, St. Cloud Technical & Community College disclosed some not public data to the St. Cloud Community & Technical College Foundation and those data elements were stored by Blackbaud and accessible in the attack.
Such information may have included contact information, dates of birth, demographic data, philanthropic interests, and donation history. Blackbaud asserts that the attacker did not access credit card information; any bank account information or social security numbers were encrypted and not accessible to the attacker.
For a full report, contact Timothy Furr, College Information Officer, by calling 320-308-5177 or emailing email@example.com.