The health system said that a third-party vendor, Blackbaud, informed it of the breach on July 16.
Blackbaud said the attackers’ “motivation was to disrupt our business by encrypting customer files in our data centers, which we were able to prevent.”