Blackbaud Breach

The Blackbaud breach has been the subject of headlines for weeks, and Geisinger was one of their clients. Geisinger recently announced that the Blackbaud breach affected 86,412 of the healthcare organization’s patients. More details on the Blackbaud breach and Geisinger are discussed below.

Blackbaud Breach Claims 6.3 Million Victims

Before we discuss what happened with Geisinger, it is important to understand how Geisinger’s patient information was compromised. 

Blackbaud is a cloud software provider with a large client base in the healthcare space, one of which was Geisinger. The Blackbaud breach began when hackers accessed one of the organization’s databases, allowing them to access the sensitive information of several of Blackbaud’s clients. The hacking incident, which went undiscovered for over a month, affected 6.3 million individuals thus far. The types of information exposed varied by client including names, contact details, some Social Security numbers, and other sensitive information.

Many of these victims are HIPAA covered entities including:

Blackbaud Breach

Inova Health System: 1 million individuals

Children’s Hospital of Pittsburgh Foundation, Saint Luke’s Foundation: 360,212 individuals

MultiCare Foundation: 179,189 are patients (300,000 total individuals)

Main Line Health: 60,595 individuals

Spectrum Health: 52,711 individuals

Northwestern Memorial HealthCare: 55,983 individuals

Geisinger: 86,412 individuals

Lawrence + Memorial Hospital: 21,617 individuals

Presbyterian Health Services: 193,223 individuals

Sisters of Charity of St. Augustine Health System: 118,874 individuals

The Blackbaud breach is classified as a ransomware attack as hackers stole Blackbaud’s data, demanding ransom for its return. Blackbaud has admitted that they paid the ransom to regain controls of their client’s data.

Let’s Simplify Compliance

Protect your PHI by becoming HIPAA compliant today!

Learn More!