Massive Data Breach: Ransomware Attack Impacts 27,000 Individuals in September Cyber Heist

A recent ransomware attack at Stanford University resulted in the theft of personal information of 27,000 individuals within its Department of Public Safety (SUDPS) network. The university discovered the attack on September 27 and confirmed that the attackers did not gain access to other systems outside the SUDPS network.

A Timeline of the Attack

The investigation revealed that unauthorized individuals gained access to the SUDPS network between May 12 and September 27. According to data breach notifications filed with Maine’s Attorney General, the attackers stole documents containing personally identifiable information (PII) belonging to 27,000 individuals. The compromised information included dates of birth, Social Security numbers, government IDs, passport numbers, driver’s license numbers, and other data collected by the Department of Public Safety.

For a small number of individuals, the stolen information also included biometric data, health/medical information, email addresses with passwords, usernames with passwords, security questions and answers, digital signatures, and credit card information with security codes.

Akira Ransomware Gang Claims Responsibility

While Stanford University has not attributed the September incident to a specific ransomware operation, the Akira ransomware gang claimed the attack in October. They stated that they stole 430Gb of files from the university’s systems and have since published the stolen data on their dark web leak site, making it available for download via BitTorrent.

The Akira ransomware operation emerged in March and quickly gained notoriety by targeting victims across various industry verticals. By June, the Akira ransomware operators had developed and deployed a Linux encryptor to target VMware ESXi virtual machines widely used in enterprise environments. We’ve seen ransom demands ranging from $200,000 to millions of dollars, depending on the size of the breached organization.

Stanford’s History of Data Breaches

This isn’t the first time Stanford University has dealt with a data breach. In February, the university disclosed another data breach after the Department of Economics Ph.D. program admission information was exposed online between December and January. This followed an April 2021 data breach when the Clop ransomware leaked documents stolen from Stanford School of Medicine’s Accellion File Transfer Appliance (FTA) platform.

Protect Yourself and Your Organization

Cybersecurity incidents like these are a sobering reminder of the importance of protecting your personal information and your organization’s data. It’s crucial to invest in robust cybersecurity measures, maintain regular backups, and educate employees about the dangers of phishing and other cyber threats.

We at IT Services are committed to helping you stay informed about the latest cybersecurity trends and best practices. Whether you’re an individual or a business owner, we’re here to provide you with the information and tools you need to stay safe in the digital world. Contact us to learn more and keep coming back for the latest updates and advice.