A ransomware stole the data of 27,000 people from Stanford last year

Last year, a ransomware attack affected Stanford University’s Department of Public Safety (SUDPS) network. Furthermore, after Stanford investigated the incident, the conclusion was that the ransomware stole the data of 27,000 people. However, the attack didn’t affect any other departments. In addition, according to Stanford, an unauthorized individual gained access to the data.

How does a ransomware attack work?

Threat actors use ransomware attacks to lock and encrypt data, devices, and systems. Afterward, the cybercriminal makes them inaccessible and unusable. Then, the hacker asks for a ransom to unlock them. In Stanford’s case, the main goal of the ransomware attack was to steal and leak the data. Furthermore, according to Dominic Alvieri, the Akira group is responsible for posting 430 GB of Stanford data on the dark web.

Most of the Stanford data stolen by the ransomware attack consists of phone numbers, emails, names, locations, digital signatures, security questions, usernames, passwords, credit cards, and security codes. On top of that, a smaller number of victims had their medical information and driver’s license number stolen.

Unfortunately, it took a long time for Stanford to release an update about the situation. Furthermore, the University announced that the people affected will receive an email. In it, they will find identity protection services free of charge.

Ultimately, this is not the only cybersecurity incident that happened to the University. Stanford dealt with similar ransomware attacks in the past. In addition, it takes a long time for the University to act, especially since they send emails only to the potentially impacted individuals. Fortunately, the investigations started shortly after the attack, and they managed to end it fast. Furthermore, the network is now more secure.

What are your thoughts? Have you ever encountered a ransomware attack? Let us know in the comments.