Sunday, March 17, 2024

Stanford University Reports Ransomware Attack Impacting 27,000 Individuals


In a recent development, Stanford University has revealed that personal data belonging to 27,000 individuals was compromised in a ransomware attack affecting its Department of Public Safety (SUDPS) network.

The university detected the attack on September 27 and subsequently launched an investigation into the cybersecurity incident impacting SUDPS systems. It wasn't until a month later that Stanford publicly disclosed the ongoing investigation.

In a recent update shared on Monday, Stanford disclosed that the attackers had infiltrated the Department of Public Safety's network between May 12, 2023, and September 27, 2023. However, the investigation confirmed that the unauthorized access was limited to this specific network, with no breach detected in other systems outside the department.

According to data breach notifications submitted to Maine's Attorney General, the attackers managed to access documents containing personally identifiable information (PII) of the affected 27,000 individuals.

Stanford further elaborated that the compromised personal information varied among individuals but could potentially include sensitive data such as dates of birth, Social Security numbers, government IDs, passport numbers, driver's license numbers, and other details collected by the Department of Public Safety in its operations.

For a select few, the compromised information might have extended to biometric data, health or medical records, email addresses with passwords, usernames with passwords, security question responses, digital signatures, and credit card details with security codes.

While Stanford has not officially linked the September incident to a specific ransomware group, the Akira ransomware gang claimed responsibility for the attack in October. They asserted that they had pilfered 430GB of files from the university's systems.

Subsequently, the cybercriminal group published the stolen data on their dark web leak site, making it accessible for download via BitTorrent.

The Akira ransomware operation emerged in March 2023 and rapidly gained notoriety for targeting victims across various sectors. By June 2023, the group had developed and deployed a Linux encryptor specifically designed to target VMware ESXi virtual machines commonly used in corporate environments.

Negotiation chats reviewed by BleepingComputer indicate that the ransomware group is demanding ransom payments ranging from $200,000 to millions of dollars, depending on the size and scope of the breached organization.

This incident marks the latest in a series of data breaches suffered by Stanford University. In February 2023, the university disclosed another breach after sensitive information related to its Department of Economics Ph.D. program admissions was exposed online. Additionally, in April 2021, the Clop ransomware group leaked documents stolen from Stanford School of Medicine's Accellion File Transfer Appliance (FTA) platform.
