Lawrence + Memorial

Lawrence and Memorial Hospital Announces Breach of Donor Communications and Engagement System

Stack of unidentifiable credit cards on a table
NBCWashington

The software company Lawrence + Memorial Hospital uses for donor communication and engagement suffered a data breach earlier this year, the hospital announced Tuesday.

L+M was notified on August 14 that Blackbaud suffered a ransomware attack impacting its 35,000 clients, according to the hospital. Non-financial information, including names, addresses, phone numbers, dates of birth and philanthropic history were on the database that was impacted by the breach, L+M said. However, the organization said a limited number of people may have had financial information exposed.

Blackbaud made a payment to an "outside party" as part of the attempt to limit the impact on the breach and was assured that the data was destroyed, however L+M said it has not been able to independently verify that claim. While L+M continues to use Blackbaud, Yale New Haven Health is looking into whether any other hospitals in its system were involved.

The hospital said its patient medical records were not accessed.

"Lawrence + Memorial Hospital truly regrets any inconvenience this has caused. As a premier healthcare provider, we strive to demonstrate respect for patients and our community and to always safeguard that information. Letters have been mailed to all those whose information was involved in this incident and if anyone has any concern, they can call 888-479-3575," L+M said in a statement.

Contact Us