University of Utah pays a $457,000 ransom to ransomware gang

The University of Utah admitted to have paid a $457,059 ransom in order to avoid having ransomware operators leak student information online.

The University of Utah admitted having paid a $457,059 ransom after the ransomware attack that took place on July 19, 2020, that infected systems on the network of the university’s College of Social and Behavioral Science [CSBS]). The university did not reveal the ransomware family involved in the attack.

The University was able to recover the operations from the backups, but decided to pay the ransom to avoid having ransomware operators leak student information online.

“On Sunday, July 19, 2020, computing servers in the University of Utah’s College of Social and Behavioral Science (CSBS) experienced a criminal ransomware attack, which rendered its servers temporarily inaccessible. The university notified appropriate law enforcement entities, and the university’s Information Security Office (ISO) investigated and resolved the incident in consultation with an external firm that specializes in responding to ransomware attacks.” reads a press release published by the University.

“It was determined that approximately .02% of the data on the servers was affected by the attack.”

According to the University, the ransomware encrypted only 0.02% of the data stored on its servers. University of Utah officials explained that the university’s cyber insurance policy covered part of the ransom.

“After careful consideration, the university decided to work with its cyber insurance provider to pay a fee to the ransomware attacker,” the university said today.” continues the statement.

“This was done as a proactive and preventive step to ensure information was not released on the internet.“

Law enforcement recommends never pay ransom because ransomware operators could not destroy the stolen data and attempting to monetize them in other illegal activities.

Stolen data could be sold to other cyber criminal organizations and used to make frauds.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, University of Utah)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.