Posts

Showing posts with the label Blackbaud decision

Delaware Supreme Court Expands Cyber Liability Exposure for SaaS & Managed Service Providers

What the Blackbaud decision means for managed service providers (MSPs) and the clients who rely on them A recent decision by the Delaware Supreme Court in  Travelers Casualty and Surety Company of America v. Blackbaud, Inc.   materially shifts the litigation landscape for cybersecurity incidents involving Software as a Service (SaaS) providers and MSPs. Key takeaways: Lower pleading burden for plaintiffs (including insurers) Less emphasis on proximate cause at early stages Aggregated claims allowed across multiple customers Higher litigation costs and increased settlement pressure Expanded expectations around what constitutes "commercially reasonable" cybersecurity Bottom line: Cyber incidents are now significantly more likely to survive early dismissal and proceed into expensive discovery. What Happened Blackbaud, a SaaS provider hosting sensitive donor data, experienced a ransomware attack exposing highly sensitive personal and financial information. Its customers (nonprof...