St Aloysuis' College and University of Strathclyde data breach as hackers steal alumni private information

The company specialises in alumni relationship management systems and holds data on alumni, donors, potential donors, event attendees, and friends of the University and College.

Both institutions have confirmed that encrypted information including credit card or bank account details and passwords were not accessed.

However, the names, addresses, date of birth and contact details including email and phone number of those affected may have been hacked. 

Things like course and educational attainment details, a record of engagement with alumni and fundraising activities including donation history, professional details and survey responses could have been accessed.

The institutions have asked former students and donors to 'remain vigilant' and report any suspicious activity or suspected identity theft to authorities.

It's believed that over 20 universities and charities in the UK, US and Canada were targeted in the breach.

Blackbaud say they paid the ransom, going against the advice of law enforcement agencies, and were given "confirmation that the copy of data they removed had been destroyed".

Investigations into why there was a delay between the breach and Blackbaud notifying those affected are currently ongoing.

A statement posted by both the University of Strathclyde and St Aloysius' College said: "We will continue to work with Blackbaud to investigate this matter and to discuss our future engagement with them.  We greatly regret that this incident occurred and sincerely apologise for any inconvenience that this data breach by Blackbaud may cause.

"Please be assured that we take data protection very seriously and we are grateful for your continued support and engagement."