Pages

Thursday, August 3, 2023

Cyber Insecurity - Part 5 (Hawaiian ransom)

A component of the U of Hawaii was hit with the same cyber attack as UCLA. But it has admitted paying a ransom in response. From Inside Higher Ed:

In a rare move, a community college announced it has paid a ransom to hackers after data from roughly 28,000 individuals were compromised. Hawai‘i Community College, part of the University of Hawai‘i system, announced on Friday it paid an undisclosed amount to an unnamed ransomware group.

“The University of Hawai‘i made the difficult decision to negotiate with the threat actors in order to protect the individuals whose sensitive information might have been compromised,” the university said in a statement. The ransomware group’s history of posting personal information when a deal is not reached was a “significant consideration” in the decision to pay, according to the university.

University officials said the deal it reached with the hackers includes the destruction of all of the obtained information.

Ransomware attacks have been increasing in recent months—most recently with file transfer software MOVEit. Law enforcement agencies advise institutions to avoid paying hackers.

“Paying a ransom doesn’t guarantee you or your organization will get any data back,” the FBI said in a statement on its website. “It also encourages perpetrators to target more victims and offers an incentive for others to get involved in this type of illegal activity.” ...

Full story at https://www.insidehighered.com/news/quick-takes/2023/07/31/hawaii-community-college-pays-ransom-after-data-breach

UCLA has not released information, other than acknowledging that it occurred. Was some kind of ransom paid? Blog readers will recall that at the last Regents meeting, there was a long delay in getting started while the Regents behind closed doors pondered some kind of sudden issue that evidently took a lot of time to discuss. Did that issue deal with a response to the breach?

No comments:

Post a Comment