Ioanna Kyriakou
The Open University of Cyprus failed to meet the deadline set by the "Medusa" group of hackers to pay a ransom in exchange for not releasing sensitive personal data. On Thursday (20/04), the hackers' "dark web" site went down but resurfaced at around 13:40 on Thursday afternoon, with the group announcing that the data had been leaked and could now be downloaded. It remains unclear how much personal data was intercepted by the hackers.
The "Medusa" group demanded $100,000 in cryptocurrency in exchange for not releasing the data, which included information on students, former students, alumni, academic and administrative staff, researchers, and collaborators. The Republic of Cyprus did not pay the ransom, and the hackers followed through with their threat.
According to security expert Dinos Pastos, the "dark web" is a part of the internet that offers anonymity and is only accessible with specialized software like "tor". This software does not work with the usual .com addresses but instead uses .onion. He explained that the pages on the "dark web" are mostly illegal and are used by criminals to announce their ransom or demands.
The leaked data could contain passwords, files, photos, medical certificates, and emails, among other personal information. Pastos noted that individuals whose personal information has been leaked may become targets of hacking attacks on social media and other websites where they have used the same passwords. The full implications of the leak will only become apparent when it is clear exactly what information was intercepted by the hackers. Once the data is stolen and leaked, it is difficult to remove it from the "dark web".