Loughborough University and charity Loros 'victims of Blackbaud hack'

A charity and a university have written to supporters to warn them some of their details were taken in a cyber-attack.

Loughborough University and Leicester hospital charity Loros both confirmed some personal information could have been stolen in the ransomware attack.

The breach affected cloud storage provider Blackbaud, but it believes the information taken has been destroyed.

Personal information such as names, addresses and emails were stolen.

Both organisations reassured supporters and volunteers no financial details were stored in the affected database.

Blackbaud provides storage for organisations worldwide, and the breach has affected other charities, universities and the National Trust.

Loughborough University confirmed Blackbaud provided "a platform that hosts parts of our alumni and supporter database", which is used by a number of UK universities.

A spokesperson added: "The data that has been compromised does not include any bank account, credit card information or passwords."

John Knight, Loros CEO, said to supporters: "We apologise for any concern or inconvenience this may cause you.

"We value our supporters and know that you trust us to look after your data.

"This is why, despite being disappointed to do it, we are making you aware of the incident, and regardless of the fact that it represents a very low risk to you all."

Confirming the attack, US-based Blackbaud said: "Prior to our locking the cybercriminal out, the cybercriminal removed a copy of a subset of data from our self-hosted environment.

"The cybercriminal did not access credit card information, bank account information, or social security numbers.

"Because protecting our customers' data is our top priority, we paid the cybercriminal's demand with confirmation that the copy they removed had been destroyed."

Blackbaud said it was monitoring the situation to confirm the data was not appearing elsewhere.

The UK's Information Commissioner's Office (ICO) told the BBC that 125 organisations had reported to it in relation to the incident "so far".

Follow BBC East Midlands on Facebook, external, Twitter, external, or Instagram, external. Send your story ideas to eastmidsnews@bbc.co.uk, external.