Stanford University and the University of California recently warned users of a data breach and advised them to take extra caution following a nationwide cyberattack that is affecting its computer systems.
The cybersecurity attack targeted a vulnerability in Accellion, a third-party vendor that is used to securely transfer files. This security breach involving Accellion means that an unknown number of university users’ files were compromised, subjecting them to possible demands for money to prevent the files’ contents from being revealed or destroyed.
Stanford said its medical school had also been targeted and that it was working with a cyber forensics firm to determine whose personal data has been stolen. A statement from the school’s dean of medicine and Chief Financial Officer said identity theft protection services would be offered to employees and others.
According to the University of California, the hackers have “published online screenshots of personal information” in an attempt to “scare people into giving them money.” The university said that once it learned of the cybersecurity attack, it reported it to federal law enforcement and began an internal investigation.
According to the statement, some computer users were sent a message that says: “Your personal data has been stolen and will be published.
This type of ransomware attack, where hackers export user data and threaten to release it to the public if the ransom is not paid, is known as a ‘Double Extortion‘ attack. They have become increasingly popular among cyber criminals in recent years.
The university called the threats “broad and somewhat imprecise” and said some users who received them will not have had their data compromised. It advised users who received the threat to either forward it to campus computer security officials or delete it. It urged computer users not to click on links or open attachments from anyone but trusted sources.
These types of malicious malware attacks are becoming increasingly common, and one clicked link could lead to countless problems. Can everyone in your organisation spot the warning signs of a potentially devastating phishing attack? Find out in our Free Click-Prone® Test today.