Skip to Content

Bush Center says some donors’ information was stolen in May hack

Demographic and donation information for some individuals associated with the George W. Bush Presidential Center was stolen in a May ransomware attack and purportedly later destroyed, the center said Thursday.

On July 16, data management services provider Blackbaud told the Bush Center it had stopped a ransomware attack in May but that the perpetrators “removed a copy of some of the Bush Center’s data regarding donors and other contacts,” the center said in a news release.

The Bush Center said in a statement on Thursday that Social Security numbers and credit card information had been encrypted and not compromised. The center amended that statement on Friday to note that credit card information was stored in a different location.

“According to Blackbaud, Social Security numbers contained in the affected systems were encrypted and the decryption keys were not compromised because they were stored in a different location. Credit cardholder data was not part of the incident because it was stored in a different location,” the center said on Friday.

Blackbaud told the center that it “paid a ransom to the attackers in order to obtain confirmation that the ‎compromised unencrypted information has been destroyed.”

“To date, there ‎is no indication that any of the compromised unencrypted information is subject to further disclosure or misuse‎, and given the intent of the criminals to obtain the payment of the ransom, the Bush Center does not ‎believe there is a high risk that the unencrypted information would be used for other purposes,” the center added.

A number of organizations in the United Kingdom in recent days have said they also were affected by the attack. Blackbaud put out a blog post on the breach a few weeks ago without naming the affected parties, saying the company believes the stolen files were deleted by the hackers.

Both public and private figures have faced data hacks of late, raising widespread concerns about security for both personal information and election integrity.

Twitter accounts belonging to former Vice President Joe Biden, Bill Gates, Elon Musk and Apple, among other prominent individuals, were compromised earlier this month in what Twitter said it believes to be an attack on some of its employees with access to the company’s internal tools.

The GPS and wearable device company Garmin said last week that a widespread blackout had left its fitness devices, website and call centers offline for more than 24 hours in what may have been a ransomware attack.

This story has been updated with additional comment from the Bush Center on Friday amending its earlier statement.



Leave a Reply

Skip to content