-LEGAL ADVERTISEMENT- NOTICE REGARDING DISCLOSURE OF PRIVATE INFORMATION Bemidji State University has learned of a ransomware attack of its donor management software vendor, Blackbaud, which may have allowed access by an unauthorized individual to not-public data on students, alumni, and employees.

-LEGAL ADVERTISEMENT-
NOTICE REGARDING
DISCLOSURE OF PRIVATE INFORMATION
Bemidji State University has learned of a ransomware attack of its donor management software vendor, Blackbaud, which may have allowed access by an unauthorized individual to not-public data on students, alumni, and employees. Much of the data stored by Blackbaud is considered directory information under the Family Educational Rights and Privacy Act (FERPA) and is therefore public data under Minnesota law. However, Bemidji State University disclosed some not public data to the BSU Alumni & Foundation and those data elements were stored by Blackbaud and accessible in the attack. Such information may have included contact information, dates of birth, demographic data, philanthropic interests, and donation history. Blackbaud asserts that the attacker did not access credit card information; any bank account information or social security numbers were encrypted and not accessible to the attacker.
For a full report contact Bemidji State University at DataNotice@bemidjistate.edu.
1da; 12/26