The University of California is warning its students and staff that a ransomware group could have carried out an attack and released their personal data and that of hundreds of other schools, government agencies, and businesses across the country.
Miamimundo / AP
A cybersecurity attack targeted a vulnerability in Accellion, a third-party vendor used to securely transfer files, the University of California said in a statement Wednesday.
“We understand that those behind this attack have posted online screenshots of personal information, and we will notify members of the UC community if we believe their data was leaked in this way,” the University of California said of the attack.
The hacker (s) have also been sending threatening mass emails that threaten to release data “in an attempt to scare people into giving them money,” the statement said.
In an update on Friday, the university system said the cyberattack affected some 300 organizations, “including universities, government institutions and private companies.”
Other schools, including Stanford University School of Medicine and Yeshiva University in New York City, have reported that Social Security numbers and financial information of students and employees were stolen and that some were posted online.
The information was obtained in December and January when hackers exploited a vulnerability in a 20-year-old Accellion file transfer service, according to multiple reports. However, some organizations said they only recently became aware of the breach.
Another cyber attack
The Baltimore Sun reported Thursday that private information from staff members and students at the University of Maryland, Baltimore was posted online this week. The school said a group of hackers known as Clop gained access to Accellion in December, the Sun said.
The University of Colorado and the University of Miami reported that the files were accessed in January and included personal data and some health data, studies and research.
The Washington State Auditor’s Office reported last month that information on nearly 1.5 million jobless applicants had been stolen.
Accellion issued a statement in March saying it had closed “all known vulnerabilities” and that no new ones had been found.
Large-scale ransomware attacks and the pursuit of massive payments have affected several organizations in recent months.