Saturday, April 13, 2024
HomeSECURITYCyberattack on Manchester University Confirmed, Hackers Demand Ransom

Cyberattack on Manchester University Confirmed, Hackers Demand Ransom

-


Cyberattack on Manchester University Confirmed, Hackers Demand Ransom

Cybercriminals themselves contact the victims and advise them to put pressure on the university administration.

A couple of weeks ago we reported that the University of Manchester was the victim of a cyber incident that “could have copied” sensitive data from students and staff of the higher education institution.

Now it turned out that the data was indeed stolen. The attackers managed to download as much as 7 TB of data. By the way, with an average upload bandwidth of around 100 megabits per second, it would take hackers a whole week to steal this amount of information. But, apparently, the university Internet channel boasts much higher speeds.

The attack reportedly took place on June 6, but was not discovered until three days later, when the university published an official statement . It stated that some of the university’s systems were “accessible to an unauthorized party” and that “the data was probably copied.”

The university also said the incident was not related to recent attack for service MOVEit Transfer. Apparently, the data was stolen directly from the university network.

A few days ago, students and teachers of the university began to receive suspicious letters, allegedly personally from the cybercriminals responsible for the hack. The text of the mass mailing claims that on June 6, hackers stole 7 terabytes of data, including confidential and personal information, research data, medical information, police reports, drug tests, financial documents, etc.



Letter to students and staff sent by ransomware

“The university administration is fully aware of the situation and has been discussing it with us for a week. Be that as it may, these people are more worried about money than about the privacy and security of their students and employees,” the attackers say.

In the same letter, the hackers listed the persons responsible for negotiating and making decisions regarding the ransom money, while not voicing the amount they requested. And by pointing to specific people, cybercriminals shifted the responsibility for the safety of their data to students and teachers. And if the latter, for one reason or another, are afraid of the publication of this information, they may well begin to put pressure on the negotiators.

In the text of the letter, the hackers do not reveal themselves, do not disclose the name of their extortionist group. Apparently, you will have to find out about the “heroes of the occasion” only after the publication of data in the public domain on the attackers’ leak website. Unless the university administration changes its mind, of course.

University COO Patrick Hackett apologized to the learning community for what happened and assured that he was actively working to resolve the problem. “Our priority is to resolve this issue and provide information to those affected as it becomes available. We will use all the resources available to us,” Hackett said.

The University of Manchester is working with the Information Security Authority, the National Cyber ​​Security Center and the National Crime Agency on its cyberattack. Therefore, it is unlikely that the decision to pay the ransom depends only on the administration of the university.



Source link

www.securitylab.ru

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular