Breach Notification

December 17, 2020 | News Story


More information on the Minnesota State University, Mankato Foundation’s response to this public notice.


Minnesota State University, Mankato has learned of a ransomware attack of its donor management software vendor, Blackbaud, which may have allowed access by an unauthorized individual to not public data on students, alumni, and employees. Much of the data stored by Blackbaud is considered directory information under the Family Educational Rights and Privacy Act (FERPA) and is therefore public data under Minnesota law. However, Minnesota State University, Mankato disclosed some not public data to the Minnesota State University, Mankato Foundation and those data elements were stored by Blackbaud and accessible in the attack.  Data about you provided to the Foundation may have included your Country of Birth, Gender, last 4 digits of Social Security Number, Marital Status, Birth date, TechID, High School and years of attendance, Ethnicity, and status as a first-generation College Student, as well as contact information, dates of birth, demographic data, philanthropic interests, and donation history. Blackbaud asserts that the attacker did not access credit card information; any bank account information or social security numbers were encrypted and not accessible to the attacker. For a full report contact Michael Menne at michael.menne@mnsu.edu or 507-389-5705.

Share this Article:

Categories: News Story