Stanford says data of 27,000 people was leaked in September ransomware attack


A ransomware group accessed the personal information of more than 27,000 people on Stanford University servers. during a cyberattack last yearwarned the university this week.

The California-based school began sending breach notification letters this week, 10 months after the Akira ransomware gang first compromised the school’s systems.

Stanford University released a statement Monday saying its investigation found clues that hackers gained access to the Department of Public Safety’s network from May 12 to September 27, 2023.

“The incident does not involve any Stanford systems or networks beyond those used by the Department of Public Safety,” the school said. saidnoting that federal and local law enforcement investigations are ongoing.

“Personal information that may have been affected varies from person to person, but may include date of birth, social security number, government ID, passport number, license number driving and other information that the Department of Public Safety may have collected in the course of its operations. »

The statement added that for an additional group of victims, certain “biometric data, medical/health information, email address with password, username with password, security questions and answers, digital signature and information credit card with security codes” may have been viewed. by pirates.

In the documents deposit Along with Maine regulators, the school said the large time gap between the attack and notification was because the incident “required time to analyze.”

Victims will be offered two years of free identity protection services.

THE Akira ransomware group claimed that he stole 430 gigabytes of data in the attack. The gang targeted several United States colleges And K-12 Schools in 2023 after its appearance last March.

Stanford University previously faced a cybersecurity incident in 2021, when the Clop ransomware gang stolen and leaked personal information obtained through a vulnerability in the Accellion File Transfer Appliance (FTA) software. The violation implied Social Security numbers and more from Stanford Medicine.

Get more information with the

Future saved

Intelligence cloud.

Learn more.

Leave a comment