A number of universities have been hit by a data breach attributed to vulnerabilities in the IT security firm Accellion’s file-sharing software.
The incident reportedly impacted files containing private data from the University of California, Stanford University, the University of Miami, the University of Colorado, the University of Maryland, Yeshiva University, Merced, and Baltimore.
The university users’ files were hacked, which potentially e08xposes them to demands for money so that the data of their files will not be exposed or lost.
The University of California system said it reported the cyberattack to federal authorities and conducted an internal investigation.
Teachers, students, and staff at all UC campuses were warned not to respond to emails indicating that “the personal data has been stolen and will be published,” according to a statement released by the UC system on Wednesday.
The UC statement said, “We believe the person(s) behind this attack are sending threatening mass emails to members of the UC community in an attempt to scare people into giving them money.”
“Anyone receiving this message should either forward it to your local information security office or simply delete it,” it added.
The UC also stated that “At this time, we believe this attack affected only the Accellion system and did not compromise other UC systems or networks.”
On the other hand, the medical school of Stanford was compromised. The university is coordinating with a cyber forensics company to find out the personal information taken.
According to Stanford’s Dean of Medicine and CFO, “All individuals should remain vigilant and promptly report any suspicious activity or suspected identity theft.” Employees and others will be given identity theft security programs.
The data files from the universities were distributed on Clop. It is a website notorious for releasing pieces of hacked data before demanding a ransom in exchange for not sharing the entire stolen information.
Brett Callow, Emsisoft’s cybersecurity threat analyst, said in an email, “Clop has posted data relating to multiple universities most, if not all, of which have already confirmed their breaches were Accellion-related.”
“Clop is publishing the data from the Accellion breach on a staggered basis and is still adding victims, so it’s possible more universities may have been affected,” he added.
Earlier this year, cybercriminals targeted a vulnerability in Accellion’s file transfer system. It is advised that users exercise extra precautions. Users are urged not to open attachments or click on links from unknown sources.