Stanford University Hacked – Attackers Breached The Internal Network
Stanford, CA – Stanford University is reaching out to individuals potentially impacted by a recent data security breach within its Department of Public Safety.
The breach, identified as a ransomware attack on September 27, 2023, prompted immediate action from the university, including notifications to law enforcement agencies and initiating a thorough investigation with a leading forensic investigator.
Standford University said that the investigation revealed unauthorized access to the Department of Public Safety’s network from May 12, 2023, until the breach was discovered.
Swift measures were taken to terminate the unauthorized access and secure the network. It is important to note that the incident was isolated to the Department of Public Safety’s systems and did not affect other Stanford networks or systems. Currently, no evidence suggests that any of the accessed information has been misused.
In February 2023, Stanford University reported another data breach following the exposure of admissions information for the Department of Economics Ph.D. program online from December 2022 to January 2023.
27,000 Users Data Leaked
The comprehensive forensic investigation has now identified individuals whose information may have been compromised. Stanford is notifying these individuals via mail and providing them with details on complimentary identity protection services.
According to data breach alerts sent to Maine's Attorney General, the attackers stole papers containing the personally identifiable information (PII) of 27,000 people.
领英推荐
The types of personal information potentially affected include, but are not limited to, dates of birth, Social Security numbers, government IDs, passport numbers, driver’s license numbers, and, in some cases, biometric data, health/medical information, email addresses with passwords, usernames with passwords, security questions and answers, digital signatures, and credit card information with security codes.
The Akira Ransomware group is believed to be behind this attack. They have stated that they took 430GB of files from Standford University's Internal systems and are asking for nearly a million dollars in ransom.
The Akira ransomware group, which first appeared in March 2023, has been identified as a serious threat to data security. It encrypts data and demands a ransom for decryption, affecting Windows and Linux devices.
Stanford University takes the privacy and security of community members very seriously and is committed to supporting all those affected. The law enforcement investigation into the incident is ongoing, and Stanford is cooperating fully.
Information Technology & Security Consulting
8 个月Wow, so much for a password less campus...
Cyber hygiene
IT Consultant Talks about #cybersecurity, #ai
8 个月WOW >>>>>>>> a million dollars in ransom.
???? Cyber Security Expert
8 个月Users who open or run all types of files from inside the local network… for example, or exploiting a Virtualization Platform Vulnerability
Specialist ICS/OT Security Engineer | Network Architect Administrator | Author
8 个月The Stanford University data breach, particularly within its Department of Public Safety, underscores the persistent ransomware threat. While immediate measures and forensic investigation are commendable, educational institutions must enhance their cybersecurity frameworks proactively. The focus should be continuous monitoring, employee training, and incident response planning. Establishing a culture of security and regular audits can significantly mitigate risks. Additionally, community engagement in cybersecurity awareness can strengthen the collective defence against such threats.