Like many charities, we use a third-party company to provide us with our database and management systems.

The company we use is called Blackbaud who are one of the world’s largest and leading providers of supporter database systems for the charity and not-for-profit, healthcare and educational sectors.

On 16 July 2020 Blackbaud notified us that regrettably they had been the victim of a ransomware attack in May 2020. A cybercriminal had been able to remove a copy of a subset of data from a number of their clients, including many UK and International charities and universities, and unfortunately, we were affected also. We are in the process of sending an e-mail or letter to all of our supporters and contacts whose data we believe has been affected to outline further details of this incident, what steps have been taken to date, how we are able to help those affected and what you may be able to do to assist us.

Blackbaud have released this this statement about how the breach occurred and the steps the company has taken to prevent the misuse of the data that was obtained and if you require any further information, please read our Frequently Asked Questions.

We ask for your patience while we navigate this matter and are contacting our supporters as promptly as we can; however, should you have any enquiries or wish to discuss this matter with us further, please contact us using the contact details outlined below. In the meantime, please be assured that we have reported the data breach to the Information Commissioner (ICO), as has Blackbaud. The ICO are acting as the Lead Supervisory Authority (LSA) for this incident and, as such, have taken on primary responsibility for coordinating the investigation into this matter as data from multiple charities, organisations and countries has been involved. The findings of their investigation will be published on the ICO’s website in due course and we will also publish a link to this report on this page as soon as it is available.

We have been advised that those affected do not need to take any further action at this time; however, we will update those affected immediately if this changes. We will also update this page with any new information or guidance we are given. Although we believe there is no immediate risk to any of our supporters as a result of this incident, we recommend that all of our supporters remain vigilant, as ever, and take the usual steps to guard against the possibility of identity theft or fraud and report any incidents to the police. For further advice and support, please visit the following website: www.actionfraud.police.uk

Should you need to contact us to discuss these matters any further, please do so by contacting us at:

a: Slade House Farm, Sidmouth, Devon, EX10 0NU

e: blackbaud@thedonkeysanctuary.org.uk

t: [44] (0)1395 208696