Newsroom
The notorious Medusa ransomware gang is asking for $100,000 from Open University of Cyprus following a cyberattack on the institution’s digital platforms, with data samples already leaked online to prove they are not kidding.
(Click here for an update to the story)
According to OUC, the IT department “detected a malicious attack on the University's file server” which took place on March 27, prompting the online distance-learning university to shut down central services and critical systems.
Student lists with personally identifiable information, financial details of research contractors, and other information already appeared online to show Medusa was not kidding
Medusa, a notorious ransomware gang, has claimed the cyberattack and reportedly gave the University 14 days to pay $100,000 or the data would be leaked online.
According to experts, the Medusa ransomware terminates crucial services and processes for Windows operating programs and penetrates file backup systems while targeting mail servers, database servers, and security software.
Local media said student lists with personally identifiable information, financial details of research contractors, and other information already appeared online.
A Cypriot expert who spoke on state radio Thursday morning confirmed that samples of the stolen data had been published, but it was not clear how sensitive was the information compared to other hacked records.
Last week, according to Bleeping Computer, a website for technology and cybersecurity news, the attackers set a ransom at $100,000 and gave OUC 14 days to pay.
“However, the threat group set the same price for both deleting the data as well as for selling it to an interested party,” the website said.
The hackers have also said they would delay publishing the data by one day for $10,000, according to the website.
Cyprus has been under cyberattacks recently with government agencies having to shut down their servers as precaution, while officials blamed a recent incident with multiple platforms on a water leak.
A similar attack on public-funded University of Cyprus also made the news last month, with officials saying the servers were shut down to prevent malicious access. No details were provided about the incident but the school said services wenbt offline as a precaution.