On July 16, 2020 The Jackson Laboratory (JAX) became aware of a data security matter that recently occurred at Blackbaud, which is the Laboratory’s third party provider of a cloud-based platform used for fundraising and donor information management. JAX received confirmation that Blackbaud experienced a global security breach in May that has affected a large number of organizations worldwide, ranging from large colleges and universities to small nonprofits. JAX uses Blackbaud’s fundraising platform for holding and managing all of JAX’s data related to donors. In its statement about the matter, Blackbaud indicated that the cybercriminals involved in the cyberattack did not access user names, passwords, credit card information, bank account information, or Social Security numbers. In addition, Blackbaud has stated that it paid a ransom in exchange for the cybercriminals’ confirmed destruction of the copy of the information stolen.

JAX takes data security and privacy very seriously, and ensuring the safety of our constituents’ data is of the utmost importance to us. We reached out to our constituents the week of July 20th to inform them of Blackbaud’s data security matter, and are undertaking a thorough investigation of what occurred and what information may have been exposed. We will take all appropriate action based on our investigation to ensure our constituents’ information is and remains properly protected.