Stanford University said this week that it was investigating a “cybersecurity incident” after a ransomware group threatened to release confidential information from the university’s Department of Public Safety on the dark web.
According to a screenshot posted to social media by cybersecurity analyst Brett Callow, the ransomware group Akira holds 430 gigabytes worth of internal data from the Department of Public Safety, including confidential documents and private information. The group instructed those interested in the information to contact them.
“Stanford University is one of the world’s leading research universities,” the Akira threat reads. “Stanford is known for its entrepreneurial character, drawing from the legacy of its founders, Jane and Leland Stanford, and its relationship to Silicon Valley. Soon the University will be also known for 430 GB of internal data leaked online.”
The university acknowledged the threat, saying that the department’s impacted systems had been “secured.”
“We are continuing to investigate a cybersecurity incident at the Stanford University Department of Public Safety (SUDPS) to determine the extent of what may have been impacted,” the university said in a statement. “Based on our investigation to date, there is no indication that the incident affected any other part of the university, nor did it impact police response to emergencies. The impacted SUDPS system has been secured.”
The university’s statement did not directly address the claim of data already allegedly stolen by the hackers.
Ransomware occurs when hackers obtain personal information using malware, and then hold that information until a ransom is paid. According to Callow, at least 68 colleges and universities have been hit by ransomware attacks this year.
(c)2023 Silicon Valley. Distributed by Tribune Content Agency LLC.
