Blackbaud avoids fine in FTC deal requiring data deletion
By 
Jeff Dale2024-02-02T19:01:00
Software company Blackbaud will be required to delete unnecessary data and boost cybersecurity as part of a proposed settlement with the Federal Trade Commission (FTC) stemming from a 2020 data breach.
The company’s poor data security allowed cybercriminals to steal sensitive data, including Social Security and bank account numbers, the FTC said in a press release Thursday.
In October, Blackbaud agreed to pay $49.5 million in a multistate settlement stemming from the data breach, about which the company allegedly failed to notify customers for two months. The company avoided further monetary penalties in reaching a settlement with the FTC but must abide by certain compliance undertakings as part of a proposed order.
Related articles
-
News BriefAvast to pay $16.5M in FTC case over deceptive data selling
The Federal Trade Commission proposed Avast pay $16.5 million and be prohibited from selling any browser data to settle charges the software provider sold consumer information to third parties after promising it would not.
-
News BriefN.Y. sues Citi for lax data security, failing to reimburse fraud victims
Citibank faces a lawsuit from New York Attorney General Letitia James for allegedly failing to protect and reimburse customers who lost thousands of dollars in fraudulent wire transfers.
-
News BriefBlackbaud settles with states for $49.5M over 2020 data breach
Software company Blackbaud agreed to pay $49.5 million in a multistate settlement addressing charges related to a 2020 cyberattack that exposed the personal data of approximately 13,000 consumers.
More from Regulatory Enforcement
-
ArticleFormer startup CEO gets 7 years in prison for $175M fraud against JPMorgan Chase
Charlie Javice, a former CEO who duped JPMorgan Chase into purchasing her start up company for $175 million, has been ordered to forfeit more than $22 million by the Department of Justice (DOJ) and to spend 7 years in jail.
-
ArticleGeorgia Tech to pay $875,000 for allegations brought by compliance officers
Georgia Tech Research Corp. (GTRC) has agreed to pay $875,000 to settle allegations first raised by two compliance officers that its cybersecurity protocols violated acceptable standards for defense contractors, the Department of Justice (DOJ) said.
-
ArticleTractor Supply Company hit with $1.35M fine for alleged California privacy violations
Tractor Supply Company has agreed to get into compliance with California’s consumer privacy law and to pay a $1.35 million fine—the largest yet by California—to settle allegations it violated the privacy rights of customers and job applicants.