Unsecured Database Believed to Belong to DonorView Potentially Resulted in Data Breach Involving the Information of Non-Profit Donors

Richard Console, Jr.
Console and Associates, P.C.
Contact
LinkedIn
Facebook
X
Send
Embed

Recently, a data security researcher found that a database likely belonging to DonorView, a product of ConnectedView, was left unsecured, leaving donors’ personal information exposed for anyone to view. While DonorView doesn’t appear to have issued any statements regarding the incident, the company will be required to assess the impact of the potential breach on donors’ confidential information. Upon completing its investigation, DonorView will send out data breach notification letters to anyone whose information was affected by the recent data security incident.

If you receive a data breach notification from ConnectedView or DonorView, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following a possible DonorView data breach. For more information, please see our recent piece on the topic here.

What Happened?

The data security incident that purportedly involved DonorView was only recently announced, and more information is expected in the near future. However, several news reports have covered the incident, providing some important details on what led up to the discovery.

According to these sources, recently, infosec researcher Jeremy Fowler found a 465-gigabyte database containing more than 948,000 records that was left unsecured. While there has not been any confirmation, it is believed that the database belongs to DonorView, which is a company that facilitates donations to non-profit organizations.

Evidently, the database contained payment details, including monthly summaries from PayPal and Venmo, payroll deductions, checks, and credit cards. Some donation records contained specifics of the various transactions and how often the individual made donations. The database also contained donors’ names, addresses, phone numbers, and email addresses.

DonorView has not yet publicly acknowledged the alleged oversight; however, eventually, the issue will need to be addressed, and DonorView will need to review the database to determine if it belongs to the company. If so, DonorView will be required to send out data breach letters to anyone who was affected by the recent data security incident. These letters should provide victims with a list of what information belonging to them was compromised.

More Information About ConnectedView

ConnectedView is a software company based out of Marlborough, Massachusetts. ConnectedView creates software solutions for non-profits that facilitate the donation process and other core functions. ConnectedView’s products include DonorView (contact management, fundraising, events, email marketing, and peer-to-peer fundraising), AssociationSphere (marketing and contact management) and Blue Hill Sites (website design and management). DonorView employs more than 25 people and generates approximately $5 million in annual revenue.

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations. Attorney Advertising.

© Console and Associates, P.C.

Written by:

Console and Associates, P.C.
Console and Associates, P.C.
Contact
more
less

PUBLISH YOUR CONTENT ON JD SUPRA NOW

  • Increased visibility
  • Actionable analytics
  • Ongoing guidance

Console and Associates, P.C. on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide