Washington State University Foundation

The Washington State University Foundation fell victim to a prolonged ransomware attack between February 7, 2020, and May 20, 2020, compromising the personal data of 334,219 Washington residents. The exposed information included names and dates of birth, though no financial or highly sensitive records (e.g., Social Security numbers) were reported as stolen. The breach was detected later by Blackbaud, a third-party service provider, on July 16, 2020, with notifications to affected individuals issued on August 20, 2020. The incident highlights vulnerabilities in third-party vendor security, as the attack exploited weaknesses in Blackbaud’s systems, which the foundation relied upon. While the foundation claimed no evidence of misuse of the exposed data, the sheer scale of affected individuals primarily customers (donors/alumni) raises concerns over potential identity theft, phishing risks, or long-term reputational damage. The delayed discovery and response further compounded the impact, underscoring gaps in real-time threat detection and crisis communication.

Source: https://www.atg.wa.gov/data-breach-notifications | https://data.wa.gov/resource/sb4j-ca4h.json?id=10248

TPRM report: https://www.rankiteo.com/company/washington-state-university-foundation

"id": "was015091825",
"linkid": "washington-state-university-foundation",
"type": "Ransomware",
"date": "2/2020",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': '334,219',
                        'industry': 'education',
                        'location': 'Washington, USA',
                        'name': 'Washington State University Foundation',
                        'type': 'non-profit organization'},
                       {'industry': 'technology',
                        'name': 'Blackbaud',
                        'type': 'service provider'}],
 'customer_advisories': 'notification to affected individuals began on August '
                        '20, 2020',
 'data_breach': {'number_of_records_exposed': '334,219',
                 'personally_identifiable_information': ['names',
                                                         'dates of birth'],
                 'sensitivity_of_data': 'high',
                 'type_of_data_compromised': ['personally identifiable '
                                              'information (PII)']},
 'date_detected': '2020-07-16',
 'date_publicly_disclosed': '2020-08-20',
 'description': 'The Washington State Office of the Attorney General reported '
                'that the Washington State University Foundation experienced a '
                'ransomware attack from February 7, 2020, to May 20, 2020. '
                'Approximately 334,219 Washington residents were affected, '
                'with exposed information including names and dates of birth. '
                'The breach was first discovered by the service provider '
                'Blackbaud on July 16, 2020, and notification to affected '
                'individuals began on August 20, 2020.',
 'impact': {'data_compromised': ['names', 'dates of birth'],
            'identity_theft_risk': 'high'},
 'references': [{'source': 'Washington State Office of the Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': ['Washington State '
                                                        'Office of the '
                                                        'Attorney General']},
 'response': {'communication_strategy': 'notification to affected individuals',
              'third_party_assistance': ['Blackbaud']},
 'title': 'Washington State University Foundation Ransomware Attack',
 'type': 'ransomware'}