Pierluigi Paganini
March 13, 2024
Stanford University confirmed that threat actors behind the September 2023 ransomware attack had access to 27,000 people.
The prestigious US university was the victim of a ransomware attack carried out by the Akira ransomware group. The Akira ransomware gang claimed the theft of 430 GB of data from the university’s systems.
Akira Ransomware posts Stanford University. 430 gb of internal data.
— Dominic Alvieri (@AlvieriD) October 27, 2023
Stanford was breached last year by Clop Ransomware. pic.twitter.com/Ups3jmXAId
This week, Stanford University announced it is sending notification letters to the impacted individuals, it also added that the incident involved the Stanford Department of Public Safety.
The Department of Public Safety discovered the security breach on September 27, 2023, and investigated the incident.
“The investigation determined that an unauthorized individual(s) gained access to the Department of Public Safety’s network between May 12, 2023, and Sept. 27, 2023. The unauthorized access was ended and the network was secured shortly after the unauthorized access was first discovered.” reads the update published by the university. “The incident does not involve any Stanford systems or networks beyond the one used by the Department of Public Safety.”
The threat actors have gained access to the Department of Public Safety’s network from May 12 until September 27, 2023.
Compromised information varies from person to person, but they could include date of birth, Social Security number, government ID, passport number, driver’s license number, and other information collected by the Department of Public Safety in its operations.
For a limited number of victims, threat actors had access to biometric data, health/medical information, email addresses with passwords, usernames with passwords, security questions and answers, digital signatures, and credit card information with security codes.
Stanford University confirmed that, at this time, there is no evidence that the compromised information has been misused.
This isn’t the first time that Stanford University has suffered a security breach, in 2021 the Clop ransomware gang stole sensitive data from Stanford Medicine.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, data breach)
