University of York Confirms Recent Data Breach Was Caused by Ransomware

Published at: July 22, 2020

The University of York has confirmed that a ransomware attack from an unnamed gang took place in May. Vulnerabilities from their third-party service provider led to the data breach.

According to an announcement via the University’s website, Blackbaud, one of the world’s largest customer relationship management systems for sectors such as the education, confirmed that the cybercriminals managed to extract copies of staff, alumni, and student records.

The university clarified that no sensitive information, such as banking details or login credentials, were stolen by the gang. Overall, the hackers captured basic info like names, date birth dates, addresses, contact details, reports of donations, and survey results.

A slow response

In the report, the University of York suggests that Blackbaud’s slow response and notification about the breach made the situation worse.

Speaking with Cointelegraph, Paul Edon, senior director, technical services at cybersecurity firm Tripwire, commented:

"Many universities employ third-parties to help manage and secure their systems. It is imperative that these third-parties are aligned with the university in their security objectives and are regularly audited to ensure they are meeting the service level agreements. Any misalignment or failure to meet agreed service levels can result in serious loop-holes in the overall security of the institution."

The announcement adds that the attackers were not able to 100% deploy the ransomware. Blackbaud still advised paying for the undisclosed ransom amount demanded, which is something that was done by the university. The third-party service provider reportedly received assurances from the cybercriminals that the data had been destroyed.

The university issued the following statement:

“We are taking steps to understand how many other parties in higher education and the wider not-for-profit sector have been affected. We are working with Blackbaud to understand why there was a delay between them finding the breach and notifying us, as well as what actions they have taken to increase their security.”

Recently, the University of California at San Francisco School of Medicine reportedly paid a $1.14 million ransom in Bitcoin (BTC) to the NetWalker gang following a ransomware attack on June 1.

Tags
Related Posts
California University Pays Million-Dollar Crypto Ransom
The University of California at San Francisco School of Medicine reportedly paid a $1.14 million ransom in cryptocurrencies to the hackers behind a ransomware attack on June 1. According to CBS San Francisco, the UCSF IT staff first detected the security incident, stating that the attack launched by NetWalker group affected “a limited number of servers in the School of Medicine.” Although the areas were isolated by experts from the internal network, the hackers left the servers inaccessible and managed to deploy the ransomware successfully. A statement published by the University of California said: “The data that was encrypted is …
Technology / June 30, 2020
Ransomware Threatens Production of 300 Ventilators Per Day
The FDA-approved Coronavirus ventilator manufacturer Boyce Technologies has been targeted by ransomware launched by the DoppelPaymer gang, who are threatening to leak data from the company. Cointelegraph has viewed the DoppelPaymer blog, where the gang lists example files of the data stolen during the attack, including sales and purchase orders, assignment forms, among others. The cybercriminals have threatened that more information will be disclosed next week through the site if an undisclosed crypto ransom is not paid by the firm. Boyce Technologies is well-known for its work in designing and manufacturing FDA-approved low-cost ventilators in just 30 days during the …
Blockchain / Aug. 7, 2020
English Football Club Hit With Multi-Million Dollar Ransomware Attack
The UK National Cyber Security Centre released a report on July 23 that discloses a growing trend in ransomware attacks against the sports sector. They noted a recent example in which attackers demanded that an English Football League club, or EFL, pay a multi-million dollar ransom in Bitcoin (BTC). According to the Cyber Threat to Sports Organizations paper, the unnamed club was targeted by ransomware that crippled their corporate security systems. The ransom amount requested was 400 BTC ($3.66 million). The club declined to pay, resulting in a loss of their stored data. The attack could have had a great …
Bitcoin / July 23, 2020
Report: Ransom Costs for Stolen Data Rose 200% From 2018 to 2019
On average, the ransom demanded by cryptocurrency ransomware hackers increased by 200% from 2018 to 2019. According to a report published on June 5 by cybersecurity firm Crypsis Group, the average ransom demanded by cryptocurrency ransomware groups in 2019 reached $115,123. The median ransom, on the other hand, increased by 300% from 2018’s first quarter to the last quarter to 2019, reaching over $21,700. According to Crypsis Group, ransoms have grown as hackers increasingly target enterprises and select victims who are able to pay higher sums. Just yesterday, Cointelegraph reported that ST Engineering Aerospace’s United States subsidiary fell victim to …
Technology / June 8, 2020
Expert Warns: Don’t Trust Ransomware Groups Amid Pandemic
A cybersecurity expert explained why he is convinced that the promises made by ransomware groups amid the pandemic are irrelevant. Brett Callow — threat analyst at cybersecurity firm Emsisoft — told Cointelegraph that multiple ransomware groups recently made promises to halt their activity against medical organizations amid the coronavirus pandemic. Still, he believes that those promises are irrelevant: “The claims of a ceasefire made by ransomware groups are irrelevant [and] should be completely disregarded. Would you leave your front door unlocked simply because the local burglars had pinky-promised not to rob you? Probably not. The story of the frog and …
Blockchain / April 16, 2020