Major University In California Pays Ransome!

The University of San Francisco (UCSF) is the latest organization to fall victim to hackers, running afoul of a group utilizing the Netwalker ransomware strain.

UCSF is a research university whose recent efforts have been focused on health sciences generally and COVID-19-related research specifically. On June 3rd, 2020, Netwalker published a notice on a site they use for data leaks.

It stated they had successfully breached the UCSF network, publishing a sample of the files stolen during their attack. The sample included a number of student applications, complete with social security numbers, and screen shots of folder listings that appeared to contain financial information, medical studies, university employee information and the like. Later the same day that the post and samples appeared on the Netwalker leak site, UCSF confirmed the attack.

Their formal statement on the matter reads in part, as follows:

“As we disclosed on June 3, UCSF IT staff detected a security incident that occurred in a limited part of the UCSF School of Medicine’s IT environment on June 1.

We quarantined several IT systems within the School of Medicine as a safety measure, and we successfully isolated the incident from the core UCSF network. Importantly, this incident did not affect our patient care delivery operations, overall campus network, or COVID-19 work.

The data that was encrypted is important to some of the academic work we pursue as a university serving the public good. We, therefore, made the difficult decision to pay some portion of the ransom, approximately $1.14 million, to the individuals behind the malware attack in exchange for a tool to unlock the encrypted data and the return of the data they obtained.”

It’s a staggering sum that underscores just how serious these kinds of attacks can be. Worse, over the last several months, UCSF is the third university to be successfully attacked. With months to go in 2020, they will almost certainly not be the last.

Get In Touch

Share On Social Media

Other Recent Blog Articles

Apple Addresses Critical Zero-Day Vulnerabilities Affecting Intel-Based Macs

November 20, 2024

Apple has addressed two critical zero-day vulnerabilities that were actively exploited by attackers to target Intel-based Macs. The flaws resided in macOS Sequoia’s JavaScriptCore (CVE-2024-44308) and WebKit (CVE-2024-44309) components. The…

Read More

Elevating Small Businesses, One Tech Solution at a Time

November 1, 2024

PDX IT Services, led by industry veteran Steve Shaff, is dedicated to rescuing small businesses from IT chaos. With over 25 years of experience working with Fortune 500 companies and…

Read More

Part 2 with our special guest Victoria Dean – Story Time with Victoria Dean

November 1, 2024

Join us for Part 2 of our Breaking Down I.T. podcast as we sit down with Victoria Dean, a seasoned IT professional from TAK Consulting. In this episode, we dive…

Read More