SAN FRANCISCO – Hackers who attacked computer servers at the University of California, San Francisco School of Medicine received a ransom of more than $ 1 million to regain access to data that had been maliciously encrypted by malware, university officials announced Friday. .
The school’s Information Technology staff detected a security incident on June 1, and the affected areas, described as “a limited number of servers in the School of Medicine,” were isolated from the UCSF core network.
The attack made the servers inaccessible and malware was loaded during the breach of encrypted data on the affected servers that was used by the attackers as evidence of what had been perpetrated.
“The encrypted data is important to some of the academic work we do as a university serving the public good,” the university said in a press release. “Therefore, we made the difficult decision to pay a portion of the ransom, approximately $ 1.14 million, to the people behind the malware attack in exchange for a tool to unlock the encrypted data and return the data they obtained.”
Authorities emphasized that the attack did not affect the patient’s care, his novel work with coronavirus or the general campus network.
The university said it is working with a cybersecurity consultant and other outside experts to investigate the attack and strengthen the system’s defenses.
Contaminated servers are expected to be restored in the near future.
“This incident reflects the increasing use of malware by cybercriminals worldwide seeking monetary gain, including several recent attacks against higher education institutions,” the university said. “We continue to cooperate with law enforcement, and we appreciate that everyone understands that we are limited in what we can share as we continue our investigation.”
