Notice of Data Breach

On Monday 20 July 2020 we were made aware of a cyber attack affecting one of our service providers, Blackbaud, and their supporter database Raiser’s Edge.

Like many other organisations and charities, we have used Raiser’s Edge to hold the names and contact details of our supporters, as well as details about their interaction with the Charity including fundraising history and events attended.

We have not used this platform to host supporter information since August 2019. We believe the criminal was able to access the information via a back-up held on the server through the cyber-attack.

No bank details, or financial information were taken in the attack as these were encrypted within the system and this encryption has not been breached.

We immediately sought assurances from Blackbaud about how they have managed the situation. They have informed us, that to the best of their knowledge, the compromised data did not go beyond the cyber-criminal and that there is no evidence it is being misused.

We take data protection extremely seriously.

As soon as we were made aware of the breach, we launched an internal investigation. Our service provider has also provided assurances that they have already implemented changes to stop future security incidents like this happening again.

We believe the risk to our supporters is very low. Should you have any further questions or concerns, please do not hesitate to contact our Data Protection Office at data.protection@gosh.org.

Please visit our website here if you would like more information on our Privacy Policy.

Blackbaud has included more information on their website here.