BUFFALO, N.Y. — The Buffalo Museum of Science says one of its third-party vendors was the victim of a data breach.
The science museum sent an email out to members explaining that sometime between February 7, 2020, and May 20, 2020 the museum was notified by its third-party service vendor Blackbaud had stopped a ransomware attack on a database they manage.
The museum says that the cyber-criminal did not access credit card or bank account information, and that they do not store social security numbers or passwords in its Blackbaud database.
In the email, the science museum also stated the following:
"Out of an abundance of caution, we are notifying you so that you can take immediate action to protect yourself. Ensuring the safety of our constituents and their data is of the utmost importance to us. As part of their ongoing efforts to help prevent something like this from happening in the future, Blackbaud has already implemented several changes that will protect your data from any subsequent incidents.
As a best practice, we recommend you remain vigilant and promptly report any suspicious activity or suspected identity theft to us and to the proper law enforcement authorities. You can report suspected identify theft to the Federal Trade Commission (FTC) online at 222.IdentityTheft.gov or by phone at 1-877-438-4338."
