Stanford University is looking into what it described as a “cybersecurity incident” after a ransomware group claimed it attacked the school.
The attack, which happened last week on Oct. 27, cost the university 430 GB worth of data, including “private information, confidential documents etc.,” according to the Akira ransomware group that claimed to have launched it.
Stanford University didn’t confirm or deny the group’s claims but said in an official statement that the attacks happened within its Department of Public Safety.
“We are continuing to investigate a cybersecurity incident at the Stanford University Department of Public Safety (SUDPS) to determine the extent of what may have been impacted,” Stanford University said in an official statement. “Based on our investigation to date, there is no indication that the incident affected any other part of the university, nor did it impact police response to emergencies. The impacted SUDPS system has been secured.
The statement added that their information security teams are working with outside specialists in investigating the incident, and that they would share more information once the investigation is completed.
The Akira ransomware gang is a relatively new group that emerged in March this year. It’s believed to have been behind several cybersecurity attacks on K-12 schools and colleges in the US. Researchers from Arctic Wolf, Avast, and Trend Micro have tied it to Conti, a now-defunct ransomware group responsible for several high-profile attacks on governments.
This isn’t the first time Stanford University is facing a cybersecurity breach. In 2021, the Clop ransomware group stole personal information, including Social Security numbers, through a vulnerability in the Accellion File Transfer Appliance (FTA) software and leaked it.