/cloudfront-us-east-1.images.arcpublishing.com/sltrib/QX33LP4LRZGVVCAENLL46HEYTA.jpg)
The University of Utah paid extortionists nearly half a million dollars after a ransomware attack on some of its computer servers, and now tells students, staff and faculty to change their university passwords.
According to a university statement, it paid $ 457,059.24 to an “unknown entity” that hacked the College of Social and Behavioral Science servers on July 19, making them “temporarily unavailable.”
The cybercriminals encrypted about 0.02% of the data stored there before the U.S. Information Security Office discovered the attack. The university did not specify the threat, but ransomware attacks involve criminal groups hacking and stealing data; encrypt it so that the owners do not have access to it; and demand payment to release the data – often threatens to release sensitive information if its requirements are not met.
The police were contacted and the university hired “an outside consultant with expertise in dealing with these types of situations.”
The affected servers were “directly isolated from the rest of the university and the Internet.” The servers were “cleaned up, and college data was reinstalled from system backs.” But because it included information about employees and students – and after “careful consideration” – the ransom was paid “as a proactive and preventive step to ensure that information was not released on the Internet.”
According to the statement, the U.’s cyber insurance policy pays “part of” the $ 457,059.24 ransom, and “the university handles the rest.” The U. did not specify the distribution, but added that “no tuition, subsidy, donation, state or taxpayer were found to pay the ransom.”
The university is “still checking” exactly what data was accessible, and promised an update “when more information is available.”
Ten days after the attack, students, staff and faculty were told to change their university passwords. According to the university, the delay was because there had to be “a full understanding of what information could be stolen and how access was gained”, because it “worked with law enforcement to determine what steps” should be taken. taken.
