Cookies on BBB.org

We use cookies to give users the best content and online experience. By clicking “Accept All Cookies”, you agree to allow us to use all cookies. Visit our Privacy Policy to learn more.

Cookie Preferences

Many websites use cookies or similar tools to store information on your browser or device. We use cookies on BBB websites to remember your preferences, improve website performance and enhance user experience, and to recommend content we believe will be most relevant to you. Most cookies collect anonymous information such as how users arrive at and use the website. Some cookies are necessary to allow the website to function properly, but you may choose to not allow other types of cookies below.

Necessary Cookies

What are necessary cookies?
These cookies are necessary for the site to function and cannot be switched off in our systems. They are usually only set in response to actions made by you that amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not work. These cookies do not store any personally identifiable information.

Necessary cookies must always be enabled.

Functional Cookies

What are functional cookies?
These cookies enable the site to provide enhanced functionality and personalization. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies, some or all of these services may not function properly.

Performance Cookies

What are performance cookies?
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.

Marketing Cookies

What are marketing cookies?
These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant content on other sites. They do not store personal information directly, but are based on uniquely identifying your browser or device. If you do not allow these cookies, you will experience less targeted advertising.

Find a Location

Blackbaud, Inc. has 4 locations, listed below.

*This company may be headquartered in or have additional locations in another country. Please click on the country abbreviation in the search box below to change to a different country location.

    Country
    Please enter a valid location.

    Business ProfileforBlackbaud, Inc.

    Computer Software
    HeadquartersMulti Location Business
    The Complaints and Reviews shown on this HQ profile may have been submitted against either the HQ itself or one of the corporate-owned locations found under "Find Locations".

    Additional business information

    Pending Government Action:
    Government Action: BBB reports on known government actions involving business’ marketplace conduct:
    United States of America vs. BLACKBAUD, INC., a corporation.

    On February 01, 2024, BBB was made aware of an action filed the Federal Trade Commission against BLACKBAUD, INC., a corporation.  The following is the Press Release issued by the Federal Trade Commission on February 01, 2024:

     

    FTC Order Will Require Blackbaud to Delete Unnecessary Data, Boost Safeguards to Settle Charges its Lax Security Practices Led to Data Breach

    FTC says company’s poor security allowed hacker to steal sensitive data of millions of consumers, go undetected for months

     

    South Carolina-based Blackbaud Inc. will be required to delete personal data that it doesn’t need to retain as part of a settlement with the Federal Trade Commission over charges that the company’s lax security allowed a hacker to breach the company’s network and access the personal data of millions of consumers including Social Security and bank account numbers.

    In its complaint, the FTC says that Blackbaud, which provides data services and financial, fundraising, and administrative software services to companies, nonprofits, healthcare organizations, and others, failed to implement appropriate safeguards to secure and protect the vast amounts of personal data it maintains as part of the services it provides to its clients.

    “Blackbaud’s shoddy security and data retention practices allowed a hacker to obtain sensitive personal data about millions of consumers,” said Samuel Levine, Director of the FTC’s Bureau of Consumer Protection. “Companies have a responsibility to secure data they maintain and to delete data they no longer need.”

    The FTC says that, despite promising customers that it takes “appropriate physical, electronic and procedural safeguards to protect your personal information,” Blackbaud deceived users by failing to put in place such safeguards. For example, the company failed to monitor attempts by hackers to breach its networks, segment data to prevent hackers from easily accessing its networks and databases, ensure data that is no longer needed is deleted, adequately implement multifactor authentication, and test, review and assess its security controls. In addition, the company allowed employees to use default, weak, or identical passwords for their accounts, according to the complaint.

    As a result of these failures, a hacker in early 2020 accessed a customer’s Blackbaud-hosted database, according to the complaint. Once logged in, the attacker was able to freely move across multiple Blackbaud-hosted environments by leveraging existing vulnerabilities and local administrator accounts and creating new administrator accounts, according to the complaint. The breach went undetected for three months, allowing the hacker to remove massive amounts of unencrypted sensitive consumer data belonging to Blackbaud’s customers.

    In addition to failing to encrypt sensitive data and implement adequate firewalls to help protect it, Blackbaud held onto data far longer than was necessary for the purpose for which it was maintained, including information belonging to former customers, according to the complaint.

    Once the company detected the breach, Blackbaud agreed to pay a ransom of 24 Bitcoin, worth about $250,000, after the hacker threatened to expose the stolen data. The company never verified, however, that the hacker actually deleted the stolen data, according to the complaint.

    At the same time, the company waited nearly two months to notify its customers about the breach and then misled consumers about the extent of the data that was stolen, telling customers they did not need to take any action in response to the breach, according to the complaint. Even though it knew as early as the end of July 2020 that the hacker had obtained sensitive data including Social Security and bank account information, the company waited another two months before it told its customers about the full scope of the breach. The FTC says this delay harmed consumers who were unable to take steps to protect themselves from potential identity theft and other potential harms resulting from the breach.

    In addition to requiring Blackbaud to delete data that it no longer needs to provide products or services to its customers, the proposed order will prohibit the company from misrepresenting its data security and data retention policies. The proposed order also will require Blackbaud to develop a comprehensive information security program that would address the issues highlighted by the FTC’s complaint. In addition, the company will also be required to put in place a data retention schedule that would detail why it maintains personal data and when it will delete such information. The proposed order also requires that Blackbaud notify the FTC if it experiences a future data breach that it is required to report to any other local, state, or federal agency.

    The Commission voted 3-0 to issue the administrative complaint and to accept the proposed consent agreement with Blackbaud. FTC Chair Lina M. Khan and Commissioners Rebecca Kelly Slaughter and Alvaro Bedoya issued a joint statement.

    The FTC will publish a description of the consent agreement package in the Federal Register soon. The agreement will be subject to public comment for 30 days after publication in the Federal Register after which the Commission will decide whether to make the proposed consent order final. Instructions for filing comments will appear in the published notice. Once processed, comments will be posted on Regulations.gov.

    NOTE: The Commission issues an administrative complaint when it has “reason to believe” that the law has been or is being violated, and it appears to the Commission that a proceeding is in the public interest. When the Commission issues a consent order on a final basis, it carries the force of law with respect to future actions. Each violation of such an order may result in a civil penalty of up to $51,744. 

    The lead staff attorneys on this matter are Cathlin Tully and Kamay Lafalaise from the FTC’s Bureau of Consumer Protection.

    The Federal Trade Commission works to promote competition and protect and educate consumers. Learn more about consumer topics at consumer.ftc.gov, or report fraud, scams, and bad business practices at ReportFraud.ftc.gov. Follow the FTC on social media, read consumer alerts and the business blog, and sign up to get the latest FTC news and alerts.


    Media Contact
    Juliana Gruenwald Henderson
    Office of Public Affairs
    202-326-2924

    See all additional business information

    At-a-glance

    Customer Reviews

    1/5stars

    Average of 13 Customer Reviews

    Customer Complaints

    27 complaints closed in last 3 years

    7 complaints closed in last 12 months

    Customer Reviews are not used in the calculation of BBB Rating

    Reasons for BBB Rating

    Business Details

    This is a multi-location business.

    Find a Location

    Blackbaud, Inc. has 4 locations, listed below.

    *This company may be headquartered in or have additional locations in another country. Please click on the country abbreviation in the search box below to change to a different country location.

      Country
      Please enter a valid location.
      Headquarters
      65 Fairchild St, Daniel Island, SC 29492-7505
      BBB File Opened:
      9/28/2009
      Years in Business:
      43
      Business Started:
      7/15/1981
      Business Started Locally:
      7/15/2004
      Date of New Ownership:
      7/15/2004
      Type of Entity:
      Corporation
      Number of Employees:
      2001
      Alternate Business Name
      • YourCause
      • Smart Tuition
      Business Management
      • Ms. Anne Caggiano
      Contact Information

      Principal

      • Ms. Anne Caggiano

      Customer Contact

      • Mrs. Kim Perry
      • Ms. Anne Caggiano
      • Mr. Jim Lozano, Director
      Additional Contact Information

      Fax Numbers

      • (843) 216-6100
        Primary Fax

      Website Addresses

      Customer Complaints

      27 Customer Complaints

      Need to file a complaint? BBB is here to help. We'll guide you through the process. How BBB Processes Complaints and Reviews

      File a Complaint

      Customer Reviews

      13 Customer Reviews

      What do you think? Share your review.

      How BBB Processes Complaints and Reviews

      Start a Review

      Most Recent Customer Review

      SLG J

      1 star

      07/02/2024

      The school my child attends uses Blackbaud for tuition processing. The system is very convoluted. Each year, you must register and setup payment methods. Furthermore, when transitioning to a high school that also uses the same tuition processing system, I spent over an hour on the phone trying to set up access to my account. You could not merely add another school to the profile. It required a call to support. After an hour on the line, I was told that a support rep would need t call me in the next 2 business days. How is it that you receive an email from Blackbaud welcoming you to begin using their service, and when you click the links, you are unable to gain access to the portal, and the resolution is too complex for level-one support? Blackbaud operates as if they have one guy in back developing, setting up, and maintaining the service. Amazing!! I advise you to use other systems for tuition processing. If parents and users are going to be challenged to the point they may as well mail checks in, it's not worth it. Don't **** *** your users and customers with Blackbaud. I am awaiting my issue with access to be resolved.

      Local BBB

      BBB Serving Central South Carolina & Charleston

      BBB Reports On

      BBB reports on known marketplace practices.

      BBB Business Profiles may not be reproduced for sales or promotional purposes.

      BBB Business Profiles are provided solely to assist you in exercising your own best judgment. BBB asks third parties who publish complaints, reviews and/or responses on this website to affirm that the information provided is accurate. However, BBB does not verify the accuracy of information provided by third parties, and does not guarantee the accuracy of any information in Business Profiles.

      When considering complaint information, please take into account the company's size and volume of transactions, and understand that the nature of complaints and a firm's responses to them are often more important than the number of complaints.

      BBB Business Profiles generally cover a three-year reporting period. BBB Business Profiles are subject to change at any time. If you choose to do business with this business, please let the business know that you contacted BBB for a BBB Business Profile.

      As a matter of policy, BBB does not endorse any product, service or business. Businesses are under no obligation to seek BBB accreditation, and some businesses are not accredited because they have not sought BBB accreditation.