The University of California, San Francisco (UCSF) has paid a $1.14 million ransom to recover data related to “important” academic work. The data was encrypted after the NetWalker ransomware reportedly hit the UCSF medical school. The UCSF, which includes a medical school and a medical center (UCSF Medical Center) as well as a graduate division, is a leading institution in biological and medical research. The university said that it first detected a “security incident” in its medical school’s IT environment on June 1. The attackers launched malware that encrypted a “limited number” of servers within the medical school, making them inaccessible. “The data that was encrypted is important to some of the academic work we pursue as a university serving the public good,” said the university in a recent security update. “We therefore made the difficult decision to pay some portion of the ransom, approximately $1.14 million, to the individuals behind the malware attack in exchange for a tool to unlock the encrypted data and the return of the data they obtained.” Threatpost reached out to UCSF for more information about how the cyberattack started and whether they have received a decryption key that works. The cyberattack did not affect the university’s patient care delivery operations, overall campus network, or COVID-19 work, it said. UCSF also said they “do not currently believe” patient medical records were exposed – but are continuing their investigation. “Our investigation is…
0 0 govanguard https://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png govanguard2020-06-30 12:12:002020-06-30 12:12:00UCSF Pays $1.14M After NetWalker Ransomware Attack
Our Standard Office Hours
Monday – Friday: 8:00AM – 5:00PM EDT
Saturday – Sunday: Closed
Where to Find Us
Data Privacy Notice
- – All product names, logos, and brands are property of their respective owners.
- – The use of these names, logos, and brands is for identification purposes only and does not imply endorsement.
- – Content syndication and aggregation of public information is solely for the purpose of identifying information security trends, all syndicated content contains source links to the content creator website. All content is owned by it’s respective content creators.
- – If you are an owner of some content and want it to be removed, please email firstname.lastname@example.org