Stanford says data from 27,000 people leaked in September ransomware attack

Avatar

A ransomware gang accessed the personal information of more than 27,000 people on Stanford University servers during a cyberattack last year, the university warned this week.

The California-based school began sending out breach notification letters this week, 10 months after the Akira ransomware gang first compromised the school’s systems.

Stanford University released a statement on Monday saying their investigation uncovered clues indicating the hackers had gained access to the Department of Public Safety’s network from May 12 until September 27, 2023.

“The incident does not involve any Stanford systems or networks beyond the one used by the Department of Public Safety,” the school said, noting that federal and local law enforcement investigations are ongoing.

“The personal information that may have been affected varies from person to person but could include date of birth, Social Security number, government ID, passport number, driver’s license number, and other information the Department of Public Safety may have collected in its operations.”

The statement adds that for an additional group of victims, some “biometric data, health/medical information, email address with password, username with password, security questions and answers, digital signature, and credit card information with security codes” may have been accessed by the hackers.

In documents filed with regulators in Maine, the school said the large time gap between the attack and the notification was because the incident “required time to analyze.”

Victims will be offered two years of free identity protection services.

The Akira ransomware gang claimed that it stole 430 gigabytes of data in the attack. The gang targeted several U.S. colleges and K-12 schools in 2023 after emerging last March.

Stanford University previously dealt with a cybersecurity incident in 2021, when the Clop ransomware gang stole and leaked personal information obtained through a vulnerability in the Accellion File Transfer Appliance (FTA) software. The breach involved Social Security numbers and more taken from Stanford Medicine.

NewsCybercrime
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

 

Total
0
Shares
Previous Post

ODNI appoints new election security leader ahead of presidential race

Next Post

JetBrains vulnerability exploitation highlights debate over ‘silent patching’

Related Posts

The ROI of Security Investments: How Cybersecurity Leaders Prove It

Cyber threats are intensifying, and cybersecurity has become critical to business operations. As security budgets grow, CEOs and boardrooms are demanding concrete evidence that cybersecurity initiatives deliver value beyond regulation compliance. Just like you wouldn’t buy a car without knowing it was first put through a crash test, security systems must also be validated to confirm their value.
Avatar
Read More