The University of Utah became the latest victim of attacks ransomware, with hackers being paid nearly half a million dollars for not posting sensitive information on the Internet.
Although no details have been announced about its type ransomware used for the attack, the university confirmed that the infection affected 0,02% of the data stored on its servers and that the exposed information belonged to employees and students.
The university restored the data using backups, and no central university IT system was compromised, but payment was necessary because hackers threatened to circulate the stolen information on the Internet.
"After careful consideration, the university decided to work with the cyber insurance company and pay the intruder a fee. ransomware. "This was done as a precautionary measure to ensure that information would not be circulated on the Internet," the University of Utah explained in announcement on his page.
The university ended up paying over $ 457.000 to the hackers and part of the ransom was covered by the cyberspace insurance policy.
"CSBS servers were immediately isolated from the rest of the university and the Internet. The university informed the appropriate law enforcement authorities and ISO began to actively investigate the matter. "An external consultant specializing in handling these situations was also hired to support the investigation," the public statement said.
The university recommends that students and staff continue to use strong passwords and change them on a regular basis to make it difficult for intruders to access their accounts.
However, the university acknowledges that other vulnerabilities may still exist in its systems, but additional security upgrades are currently underway, including the transfer of all college systems to headquarters for improved protection.