Stanford University says data of thousands was stolen in ransomware attack

Image credit: Shutterstock (Image credit: Shutterstock)

The ransomware attack against Stanford University in 2023 resulted in 27,000 people having their sensitive information stolen, it has confirmed in an update on its website as well as via a filing with the Office of the Maine Attorney General.

In the update, the education organization said that threat actors breached its networks on May 12, 2023, and dwelled until September 27 the same year, when they were discovered and ousted. During that time, the organization said, the group breached only the Stanford Department of Public Safety (SDPS), where it obtained personal, sensitive data.

No other networks were breached, and until now, the data was not misused, the organization said.

Akira claims responsibility

“The personal information that may have been affected varies from person to person but could include date of birth, Social Security number, government ID, passport number, driver’s license number, and other information the Department of Public Safety may have collected in its operations,” the breach notification explains.

“For a small number of individuals, this information may also have included biometric data, health/medical information, email address with password, username with password, security questions and answers, digital signature, and credit card information with security codes.”

In the filing with the Office of the Maine Attorney General, Stanford added that 27,000 individuals were affected by the breach, all of which will be getting 24 months of complimentary credit monitoring and identity protection services through IDX and TransUnion.

While Stanford did not name its attackers, or detail their demands, BleepingComputer found that the threat actors Akira claimed responsibility in October, when they claimed to have stolen 430GB of files from the university. The stolen data has since been published on the dark web leak site and made available as a torrent file, suggesting that the negotiations were unsuccessful.

Via BleepingComputer

More from TechRadar Pro

University of Cambridge apparently suffering DDoS attack - and it isn't the only one affected
Here's a list of the best firewalls around today
These are the best endpoint security tools right now

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.