Stanford University said Monday it was investigating a “cybersecurity incident” after a ransomware group threatened to release confidential information from the university’s Department of Public Safety on the dark web.
According to a screenshot posted to social media by cybersecurity analyst Brett Callow, the ransomware group ‘Akira’ holds 430 gigabytes worth of internal data from the Department of Public Safety, including confidential documents and private information. The group instructed those interested in the information to contact them.
#Akira has listed #Stanford University. #ransomware 1/2 pic.twitter.com/Jya3hbnDNn
— Brett Callow (@BrettCallow) October 27, 2023
“Stanford University is one of the world’s leading research universities. Stanford is known for its entrepreneurial character, drawing from the legacy of its founders, Jane and Leland Stanford, and its relationship to Silicon Valley,” the Akira threat reads. “Soon the University will be also known for 430 GB of internal data leaked online.”
The university acknowledged the threat on Friday, saying that the department’s impacted systems had been “secured.”
“We are continuing to investigate a cybersecurity incident at the Stanford University Department of Public Safety (SUDPS) to determine the extent of what may have been impacted,” the university said in a statement. “Based on our investigation to date, there is no indication that the incident affected any other part of the university, nor did it impact police response to emergencies. The impacted SUDPS system has been secured.”
The university’s statement did not directly address the claim of data already allegedly stolen by the hackers.
Ransomware occurs when hackers obtain personal information using malware, and then hold that information until a ransom is paid.
According to Callow, at least 68 colleges and universities have been hit by ransomware attacks this year. The amount of ransom money Akira is holding the information for remained unclear as of Monday.