Notice of Data Security Incident


We are writing to let individuals who have made donations to North York Harvest Food Bank know that we were recently notified by our database service provider, Blackbaud Inc., of a security incident that may have involved your personal information.

Blackbaud has advised that encrypted financial data such as banking and credit card information was not impacted.

North York Harvest Food Bank understands the importance of protection and proper use of donor information. We are posting this notice to explain the incident and provide donors with steps they can take to protect themselves.

Blackbaud filed a courtesy notice regarding the security incident with the Office of the Privacy Commissioner of Canada (OPC) on August 6, 2020. 

 

What Happened

Blackbaud informed us that a ransomware attack was discovered that impacted many of its clients around the world, including North York Harvest. After discovering the attack, Blackbaud’s cyber security team—together with independent forensics experts and law enforcement—successfully prevented the cybercriminal from blocking their system access and fully encrypting files; and ultimately expelled them from their system. Prior to locking the cybercriminal out, the cybercriminal removed a copy of our backup file containing your personal information.

 

What Information Was Involved

It is important to note that the cybercriminal did not access your credit card or banking information. However, the file removed may have contained your telephone numbers, email addresses, mailing addresses and a history of your relationship with North York Harvest.

You will be contacted immediately if we determine that any further information about you was compromised as part of this breach.

 

What We are Doing

Ensuring the safety of our supporters’ data is of the utmost importance to us.

In addition to notifying all potentially affected parties directly, we are working closely with Blackbaud to understand why this happened, what data was impacted, and what actions they are taking to increase their security.

 

What You Can Do

As a best practice, we recommend you remain vigilant and promptly report any suspicious activity or suspected identity theft to the proper law enforcement authorities.

We also ask you to be alert to “phishing” attempts by third parties where the sender refers to your relationship with North York Harvest. For example, North York Harvest will never ask you to send sensitive personal information to us by email.

 

For More Information

We sincerely apologize for this incident and regret any inconvenience it may cause you. Should you have any further questions, please do not hesitate to contact us via email (support@northyorkharvest.com) or by phone (416.635.7771 Ext 21).

Thank you for your continued support.