Blackbaud Data Breach Compensation Claims Guide – How Much Compensation Can I Claim? – Amounts For Blackbaud Data Breach
By Stephen Taylor. Last Updated 7th September 2021. In this guide, we look at the Blackbaud data breach. Blackbaud is a cloud computing provider for institutions such as schools, universities, charities, religious organisations, healthcare providers, and other organisations that may positively impact people’s lives.
Unfortunately, Blackbaud suffered a cyberattack and, consequently, a data breach in May 2020. Because Blackbaud serves many institutions, the breach affected companies worldwide. In the UK, the data breach impacted organisations such as universities and charities.
I Was Affected By The Blackbaud Data Breach Could I Make A Claim?
If you suffer financially or psychologically because of a data breach your personal information was involved in, you may be eligible to make a compensation claim.
If you can prove you have a valid claim, Legal Expert could put you in touch with a skilled data breach claims solicitor to handle your compensation claim. They would push to try and win you maximum compensation if you’re the victim of a Blackbaud data breach.
To get in touch, you could call today on 0800 073 8804. Alternatively, please fill out the compensation claims form on our website. Our advice is free, and you’re under no obligation to use our services. If you can prove you have a valid claim, a knowledgeable solicitor could start working on your claim.
Select A Section
- A Guide On Blackbaud Data Breach Compensation Claims
- What Was The Blackbaud Data Breach
- What Happened In The Blackbaud Data Breach?
- Data That Was Potentially Exposed In The Blackbaud Hack
- What Universities And Organisations Were Affected?
- Check If You Could Make A Claim
- Types Of Compensation That May Be Awarded
- Blackbaud Data Breach Compensation Calculator
- How To Begin A Data Protection Breach Claim
- No Win No Fee Blackbaud Data Breach Compensation Claims
- Talk To Our Team About Your Case
- Data Protection Resources
Any business or organisation that operates in the UK, EU or EEA and uses personal information must comply with the General Data Protection Regulation (GDPR). The Data Protection Act 2018 enacted the GDPR into UK law. Although Blackbaud is a US-based business, it serves clients based in the UK and EU, so it must follow these regulations.
To comply with the GDPR, businesses and organisations that process data could do the following:
- Have data protection systems in place to protect the data that they hold. This includes effectively training employees to safeguard data.
- Request your permission to collect your personal data and explain how and why your data will be used.
- Not use personal data for any purpose other than what they have permission for.
There are many other ways organisations can comply with GDPR.
Part of Blackbaud’s responsibility is to safeguard any personal data it processes on behalf of its clients. If it causes a data breach, those who suffer psychological harm or financial loss because of it have the right to claim compensation.
The Information Commissioner’s Office (ICO) has the authority to issue fines to businesses and organisations that breach the GDPR and the Data Protection Act 2018. If you can prove you’ve suffered financial loss or psychological harm because of a data breach, contact Legal Expert today to enquire about claiming.
Is There A Time Limit To Make A Blackbaud Data Breach Claim?
In the UK, there is a time limit to making a data breach compensation claim. It is 6 years from the date you obtained knowledge of the breach. If your human rights were violated, a time limit of one year applies.
What psychological disorders could be triggered by a data breach?
As has been noted by several organisations including the ICO, a data breach can cause a great deal of stress for victims. The stress potentially caused by a data breach could even lead to the triggering of certain psychological disorders within some victims. Victims who suffer a great deal of stress due to a data breach may potentially show symptoms of conditions including the following:
- Adjustment disorders
- Post-traumatic stress disorder (PTSD)
- Depressive disorders
- Generalised anxiety disorder
If you develop symptoms of a psychological disorder after being a victim of a data breach, then you may be able to claim compensation for this as part of a claim. It is not a requirement to have suffered any material damage due to a data breach in order to claim for psychological injuries.
The Information Commissioner’s Office defines a data breach as a security breach that leads to unauthorised access or disclosure of personal data or the data being destroyed, lost or altered. This can happen accidentally, deliberately or unlawfully.
If you are the victim of a personal data breach, it can be a distressing experience. What’s more, if your personal information falls into the wrong hands, you may become a target for financial theft, fraud or identity theft.
What Was The Blackbaud Hack?
The Blackbaud data breach occurred because the company was the target of a cyberattack in May 2020. The hackers demanded a ransom in return for the destruction of the stolen data. As a result of the hacking, the personal data of millions of people worldwide may have been stolen.
Why Do Data Protection Breaches Happen?
A data breach can happen because of human error. For example, a university data breach can occur because a staff member accidentally sends a letter intended for a student, which contains personal data, to the wrong address. This is a breach of data privacy as an unauthorised party can now access the student’s personal data.
Although no harm is intended, the data breach may cause the student emotional distress. Also, if the staff member included bank details in the letter, the student may experience theft. If they could evidence that they suffered either effects or both, they may claim data breach compensation.
Unfortunately, data breaches can also happen for malicious reasons, including criminal activity such as hacking. A data breach can happen when fraudsters breach a business or organisation’s network security system to steal the personal data they hold.
Deliberate forms of data breach by malicious parties can occur in multiple potential forms. These include (but are not limited to) the following methods:
- Cyber attacks/hacking – This can include malware, password attacks and denial of service (DoS) attacks.
- Computer viruses – May be sent and uploaded to a device which contains personal data.
- Ransomware – When it accesses data on a computer or other device, ransomware may send a ransom demand from the sender of the ransomware. The ransomware could be used to destroy or manipulate data if the demand is not met.
- Phishing – Criminals may send messages while disguised as a legitimate company or individual in order to manipulate other parties into sending personal information including (potentially) bank details.
- Physical theft of data – For example, a USB stick containing personal data may be stolen.
A cybercriminal may use stolen data to commit identity theft, for example. If you are the victim of a data breach, then, depending on what personal data was involved, the following could be compromised:
- Home address
- Email address
- Phone number
- Banking details
The Blackbaud data breach happened in May 2020. The incident was disclosed to the public in July 2020. Hackers committed a ransomware attack on the company. Ransomware is malware (malicious software) that steals data and only releases it once a ransom has been paid.
Blackbaud revealed that it had paid an undisclosed ransom for the stolen data to be destroyed.
Who Did The Blackbaud Data Breach Affect?
In July 2020, it was thought that 8 UK universities had been affected by the incident. Data breach victims included staff, students and alumni.
Unfortunately, more developments came out about the data breach in October 2020. Blackbaud had previously said they believed that banking details had not been affected because of the data that was breached. However, it was revealed that banking information and passwords were feared to have been stolen.
It was also discovered that at least 166 UK organisations had been affected by the data breach, not just the initial 9 universities as thought. This included universities that were not initially thought to have been impacted and well-known charities, including The National Trust.
If you can evidence that you suffered mentally or financially because of a Blackbaud data protection breach, you may be considering claiming. To learn more about your rights regarding data breach claims, call Legal Expert today and speak to a claims advisor.
The Blackbaud data security breach may have affected millions of people around the world. From October 2020 onwards, it was thought that people who donated to organisations that use Blackbaud’s software solutions might have had their payment details compromised. This includes people who have previously donated to charities, trusts and universities.
The revelation of and potential stealing of passwords would also be a consequence of the May 2020 Blackbaud data breach.
In July 2020, the University of Reading confirmed in a public statement that hackers might have stolen the following personal data:
- Dates of birth
- Phone numbers and other contact details
- Demographic information
- A history of the person’s relationship with the institution
- Dates of donations made and amounts of money donated
The accessing and theft of this data constituted a personal data protection breach.
As of September 2020, there were allegedly 10 lawsuits relating to the data breach filed in the US. If you have evidence of a valid claim, call Legal Expert today for your free claims consultation.
In July 2020, when the Blackbaud data breach became public news, it was thought that only a small number of universities in the UK had been affected. However, that list extended and included universities and charities such as:
- Newcastle University
- University of York
- University of Reading
- Loughborough University
- University of Leeds
- University of London
- De Montfort University
- University of Exeter
- University College, Oxford
- Oxford Brookes University
- University of Birmingham
- University of Strathclyde
- Choir With No Name
- Human Rights Watch
- Young Minds
- Northwest Immigrant Rights Project
The National Trust is another high profile charity that is thought to have been affected by this cybersecurity incident.
How many organisations were affected by the data breach by Blackbaud?
According to reports by the BBC, The Blackbaud data breach would impact at least 166 organisations as of October 2020.
A business that collects, processes and stores personal data on behalf of its clients has a duty of care to protect the data it holds. Therefore, if it is found to be liable for the breach of your personal data, you may be eligible to claim for any psychological or financial damages you can prove you suffered as a result.
If you have evidence of a valid Blackbaud data breach claim, contact Legal Expert today for your free consultation. One of our friendly advisors will assist you and answer any questions you may have about making a data breach claim.
For some people, becoming a data breach victim is as traumatic as experiencing a mugging or a house burglary. Unfortunately, some may become vulnerable to theft and so may lose money as well as suffer mentally.
If you have a valid claim for data breach compensation, you could be able to claim for emotional and psychological damages you may have suffered. For example, if you suffered anxiety or depression because of your injuries, you may be eligible to claim compensation for them. These are known as non-material damages.
In Vidal-Hall and others v Google Inc , it was decided by the Court of Appeal that claimants could seek compensation for psychiatric injuries a data breach causes, even if the breach doesn’t cause financial losses. Before this case, this wasn’t possible.
The Court also held that compensation should be valued as it is for personal injury claims.
If you suffered any financial losses because of a data breach, you could recover these through compensation. This is known as material damages. As with any claim, you would need to prove the losses with evidence such as bank statements, for example.
If you wish to make a Blackbaud data breach compensation claim, you may be curious to know how much compensation you could be owed. Compensation payouts for psychological damages incurred due to a data breach are comparable to compensation amounts paid out for psychological damages in personal injury claims.
The compensation amounts in the compensation table below are based on figures from the Judicial College Guidelines. This is a publication solicitors may use to value injuries for personal injury claim awards.
You can use the compensation table below to estimate how much your claim for non-material damages may be worth. And this could prove to shape the basis of your Blackbaud data breach claim.
|Psychological Injury Type||Comments On The Injury||Settlement|
|PTSD - Severe||Severe PTSD which affects the person's life. A degree of permanent injury will be involved.||£56,180 - £94,470|
|PTSD - Moderately Severe||This degree of PTSD will have a better prognosis than the above. There would still be some disabling symptoms.||£21,730 - £56,180|
|PTSD - Moderate||It is anticipated that the person will experience a good degree of recovery.||£7,680 - £21,730|
|PTSD - Less Severe||Almost complete recovery within one or two years.||Up to £7,680|
|Psychiatric Injury - Severe||The claimant will have experienced issues with work, education and other parts of their life.||£51,460 - £108,620|
|Psychiatric Injury - Moderately Severe||The prognosis for this claimant will be better than those in the category above.||£17,900 - £51,460|
|Psychiatric Injury - Moderate||The prognosis for this claimant will be better than those in the category above.||£5,500 - £17,900|
|Psychiatric Injury - Less Severe||The length of the period of disability and how much everyday activities and sleep were affected will be taken into consideration.||Up to £5,500|
The table above doesn’t include an estimate for how much compensation you could claim for material damages.
Call Legal Expert today to learn more about how much compensation you could be owed if you have evidence of a valid claim. An advisor can deliver an accurate quote based on your personal circumstances.
If we can see that you have evidence and legitimate grounds to claim compensation, we could put you in touch with a No Win No Fee solicitor to manage your claim.
What are the advantages of using our solicitors to handle your data breach compensation claim?
- Trust. We are very proud that so many claimants have trusted us to help them win compensation. You can read our online solicitors reviews to see why so many people trust Legal Expert.
- Experience. Our solicitors have up to thirty years of experience handling compensation claims.
- Determination. Your solicitor would help you collect evidence to support your claim and would try to value the claim you’re making accurately. So, they would push to try and win you the maximum amount of compensation.
To find out more, freephone our advisors today. You will be under no obligation to proceed with our services after discussing the Blackbaud data breach.
Another great advantage of using the services of our solicitors is that they offer clients No Win No Fee agreements. So, the formal term for this is a ‘Conditional Fee Agreement’.
Instead of paying a solicitor’s fee upfront, your solicitor would only charge you a success fee if your claim was successful. In the unlikely scenario that your claim loses, your solicitor would not charge a success fee.
This means that you do not risk paying solicitor fees even if you don’t get compensation.
How Do You Pay Your Success Fee?
Your success fee is deducted as a small, pre-agreed percentage from your data breach compensation package. So, this percentage is legally capped to prevent overcharging.
Many claimants also prefer to choose the No Win No Fee option because they do not have to pay their fee upfront.
Blackbaud Data Breach Breakdown
The Blackbaud data breach from May 2020 would see 166 organisations suffer a compromising of data. Additionally, a range of international companies would also suffer as a result of this situation. This information would include their names, dates of birth, genders, contact details and professional details. So, there would be numerous international, if not global, recognition amongst the victims. These would primarily include universities and colleges within the United Kingdom.
So, these include Brasenose College at the University of Oxford. There is also Hughes Hall College and Selwyn College at the University of Cambridge. Not to mention the University of Birmingham, the University of Bristol and the University of Manchester. Furthermore, The National Trust and Sue Ryder would also suffer. And then there’s Cancer Research Institute in New York, Boy Scouts of America and the National University of Ireland in Galway.
It is worth noting, though, that data breaches happen all too often to companies of varying sizes and sectors. According to statistics from GOV.UK, 39% of businesses would suffer cyber security attacks in 2020/2021. Similarly, approximately 26% of charities would also suffer data breaches of the same nature. Now, it does tend to be larger organisations because their data is more valuable to hackers.
Furthermore, they would generally have larger customer bases, which means more data for those who succeed with hacks. And the ICO has a list of all companies reporting data breaches beginning with the most recent. So, this list demonstrates just how many companies go through situations like this all of the time. But that doesn’t mean that you can’t claim compensation, as this guide outlines.
Use the details below to reach us and, if we can see that you have evidence and legitimate grounds for compensation, we could put you in touch with a skilled solicitor to work on your behalf.
- Call us on 0800 073 8804.
- Please email us using the contact form on our website.
- Use the website’s live chat to speak to an advisor now.
Our advisors are available 24/7 for your convenience, and they give free legal advice. What’s more, you’re under no obligation to proceed with the services of our solicitors.
Because we value your time, our advisors are professional and honest. So, they’ll let you know how likely it is that you could claim. Furthermore, if you have evidence of a valid claim, they could connect you with an expert solicitor.
We hope you have found this guide to making a data protection claim helpful. So, if you wish to know more about data breach claims, you may wish to consult these guides.
Experian Data Breach Compensation Claims Guide – How Much Compensation Can I Claim? – Amounts For Experian Data Breach.
University Of London Data Breach Compensation Claims Guide – How Much Compensation Can I Claim? – Amounts For University Of London Data Breach.
British Airways Data Breach Compensation Claims Guide – How Much Compensation Can I Claim? – Amounts For A British Airways Data Breach.
Report A Personal Data Breach: ICO guidance for organisations on how to report data breaches, including a Blackbaud data breach.
Personal Data Breach Examples: The ICO outlines what data breaches can involve.
Data Protection: A Government site on how to make a complaint about poor data protection practices.
Blackbaud Data Breach FAQs
What are the 3 types of data breaches?
These are electronic, physical and skimming.
What are the most common causes of data breaches?
These are the stealing of passwords, malware, social engineering, insider threats and in-person attacks.
How do you identify a data breach?
This can happen by using software processes, receiving malware alerts or noticing continuous system crashes.
How do you respond to a data breach?
You should remain calm and take your time before preparing a response plan. Additionally, you should inform your customers as soon as possible before asking security experts to remedy the problem.
Can an individual receive a fine under GDPR?
This is possible, though it comes down to how serious the GDPR breach is.
Who do you contact for a data breach?
The most appropriate body to contact would be the Information Commissioner’s Office (ICO).
Who is responsible for reporting data breaches to the ICO?
This would be down to the Information Commissioner.
What is a notifiable breach?
This is any breach that could be harmful to the individual whose data is out in the open.
Thank you for reading about what to do if you suffer psychologically or financially due to a Blackbaud data breach.