Following Blackbaud’s ransomware attack in June 2020, the company has now been ordered to pay $6.75 million to the California Attorney General’s Office. The payment was mandated due to Blackbaud’s poor security practices, ultimately leading to the ransomware attack and data breach in May 2020. During the attack, hackers gained access to Social Security numbers, bank account details, and login credentials. Blackbaud had stored this information unencrypted, giving easy access to hackers. Blackbaud’s customers included nonprofits, universities, and hospitals. The Federal Trade Commision (FTC) additionally ordered Blackbaud to create an information security program and erase any non-essential data.