In a significant development in Charleston, South Carolina, Blackbaud, a leading software vendor, could face a class-action lawsuit on the grounds of a security breach that reportedly compromised more than a million sensitive data files. The breach, discovered in May 2020, affected around a third of their clientele, who are primarily organizations advocating social change, such as non-profits, animal shelters, health clinics, and schools.
The legal team, consisting of at least 12 individuals, represents affected Blackbaud’s clients and aims to initiate a class-action lawsuit. Over several days, lawyers from both sides presented their case in federal court, with Blackbaud aiming to avoid a large-scale lawsuit while the plaintiffs argue that the scale and impact of the breach cannot be ignored.
Blackbaud’s software solutions are primarily used for data storage, covering everything from addresses and emails to credit card information, Social Security numbers, and health information. The plaintiffs allege that Blackbaud misrepresented the security of its software, which led to the data breach.
Blackbaud reported that a hacker had successfully breached its server in May 2020, remaining undetected for approximately three months and accessing information from around 13,000 companies. The company communicated this breach to their customers in July 2020. However, the plaintiffs allege that Blackbaud downplayed the severity of the situation.
Further, the plaintiffs claim that Blackbaud was aware of its security issues, marking them as negligent and responsible for the hack. Evidence is cited from BlackbaudChief Information Security Officer’s correspondence from 2019 that identified security shortcomings and suggested the company was a decade behind on security measures.
Blackbaud has already settled with attorneys-general from 49 states for $49.5 million, including South Carolina Attorney General Alan Wilson. Furthermore, the company was fined by the Federal Trade Commission (FTC) and the Securities and Exchange Commission (SEC) for lax security. The software company now also faces ongoing litigation from the attorney general of California.
While acknowledging the breach, Blackbaud disputes the proposed class action. They argue that the wide range and highly customizable nature of their services mean that each client company had significantly different impacts due to the breach. As such, they posit that losses incurred should not be legally combined into a class-action lawsuit.
The software services provided by Blackbaud range from accounting and fundraising to marketing. Each of their client companies had the autonomy to choose which software to use and what kind of information to input into the software. Consequently, the type of data breached ranged from names and email addresses to social security numbers and health testing data.
The final decision on whether the victims of the breach can sue Blackbaud collectively in a single lawsuit now lies with Federal Judge Joseph Anderson.
York, South Carolina Mourns the Loss of Longtime Congressman John M. Spratt Jr. York, South…
Supreme Court to Review South Carolina's Medicaid Funding for Planned Parenthood Washington – The Supreme…
Charleston Man Awarded $63 Million in Landmark Johnson & Johnson Talc Case In a shocking…
Charleston, South Carolina – A Clash of College Basketball Teams In a thrilling college basketball…
Conway's Former Senate Candidate Faces Legal Blow Over Defamation Lawsuit CONWAY — **John Gallman**, a…
Cold Snap Approaches Columbia, South Carolina Columbia, S.C. — The News19 Weather Team has issued…