The Marines' Memorial Association & Foundation experienced a ransomware attack on May 20, 2020, via their third-party vendor, Blackbaud, Inc. The breach was publicly disclosed by the California Office of the Attorney General on April 6, 2021. The incident compromised the personal data of at least 20 Rhode Island residents, though the full scope of affected individuals including potential exposure of members, donors, or employees remains undisclosed. As a ransomware attack, the incident likely involved encryption of sensitive data, followed by a demand for payment to restore access. While the exact type of leaked information (e.g., financial records, personal identifiers, or internal communications) was not specified, the involvement of a third-party vendor suggests a supply-chain compromise, amplifying risks of broader data exposure. The delayed disclosure (nearly a year post-breach) further raises concerns about transparency and mitigation efforts. The attack’s impact extended beyond immediate data loss, potentially damaging the organization’s reputation, operational trust, and financial stability, particularly given its reliance on donor and member relationships. The unknown scale of the breach also leaves open the possibility of long-term identity theft or fraud risks for affected individuals.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-539752
TPRM report: https://www.rankiteo.com/company/usmc-memorial-foundation
"id": "usm551091725",
"linkid": "usmc-memorial-foundation",
"type": "Ransomware",
"date": "5/2020",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'customers_affected': '20 (Rhode Island residents); '
'additional affected individuals '
'unknown',
'industry': 'Veterans Services / Hospitality',
'location': 'California, USA',
'name': "Marines' Memorial Association & Foundation",
'type': 'Non-profit Organization'},
{'industry': 'Cloud Computing / Software',
'name': 'Blackbaud, Inc.',
'type': 'Third-party Vendor'}],
'data_breach': {'number_of_records_exposed': '20 (confirmed for Rhode Island '
'residents)'},
'date_publicly_disclosed': '2021-04-06',
'description': 'The California Office of the Attorney General reported a data '
"breach affecting the Marines' Memorial Association & "
'Foundation. The breach occurred due to a ransomware incident '
'involving their third-party vendor, Blackbaud, Inc. The '
'number of affected individuals includes 20 residents of Rhode '
'Island, with additional affected individuals unknown.',
'impact': {'data_compromised': True},
'ransomware': {'data_encryption': True},
'references': [{'source': 'California Office of the Attorney General'}],
'regulatory_compliance': {'regulatory_notifications': ['California Office of '
'the Attorney '
'General']},
'title': "Data Breach at Marines' Memorial Association & Foundation via "
'Blackbaud Ransomware Incident',
'type': 'Data Breach (Ransomware)'}