Sorbonne University in France has unfortunately become the victim of a significant and very disruptive cyberattack recently. In a general context where many institutions are facing computer attacks, the university’s information system is experiencing major disruptions. These disruptions are due to a security incident that damaged different digital tools without completely stopping the continuity of all services. To effectively deal with this serious situation, immediate corrective measures have been put in place to reinforce all security devices. Recent investigation results have now highlighted the unfortunate compromise of several different categories of highly sensitive personal and financial data.
The latest results from investigations carried out by the Sorbonne University teams have now revealed the extent of the data compromise. These dedicated teams are working in close connection with external cybersecurity experts to fully analyze the scope of this security breach. Several categories of sensitive data were confirmed to have been exposed, including many professional email addresses of university personnel. The stolen information also contains important banking details, various Social Security numbers, and also elements related to employee compensation. This particular data exposure now presents a significant risk of fraud and identity theft for all of the affected university staff members.
In strict accordance with Europe’s General Data Protection Regulation (GDPR), Sorbonne University in France immediately proceeded with official notifications.
A formal declaration of the data breach was made to the CNIL, which is France’s national commission for data privacy. The university also quickly notified ANSSI, which is the national agency for the security of information systems in the country of France. Furthermore, the university has now officially filed a formal legal complaint with law enforcement on behalf of the entire academic establishment.
The university’s internal teams are tirelessly mobilized to manage this cyberattack and restore all services as quickly as it is now possible.
Sorbonne University officials have stated that all essential digital services that are required for the work of the university’s staff are now functioning. These important services are currently available during normal business work hours, though some minor disruptions may still exist for the university community. To support its staff members during this time, a dedicated toll-free telephone number will be made available to them at the beginning of next week. A frequently asked questions document will also be provided to staff members to help answer their most pressing and urgent interrogations. The university reaffirmed its firm commitment to guaranteeing that all the personal data of its staff remains fully protected from any potential misuse.
Reference:
