Stanford University is actively investigating a recent cybersecurity incident within its Department of Public Safety following claims by the Akira ransomware gang that they had attacked the institution. The university’s spokesperson stated that they are in the process of determining the full extent of the impact, assuring that the incident had not affected other parts of the university or emergency response capabilities, and that the affected system had been secured.
Furthermore, the investigation is being carried out by the university’s information security teams in collaboration with external specialists, with the promise to share more information once it is completed.
The Akira ransomware gang claimed responsibility for the attack and asserted that they had stolen 430 gigabytes of data from Stanford University, marking another instance of U.S. educational institutions falling prey to cyber threats in recent times. Stanford joins a growing list of schools facing ransomware attacks, with the University of Michigan having to disconnect from the internet in August to thwart an attack. The Akira gang has been active this year, targeting not only schools but also government entities. Additionally, cybersecurity companies Avast and Arctic Wolf have uncovered connections between the gang and the Conti operation, a now-defunct ransomware group responsible for various high-profile attacks on governments worldwide.
Notably, Stanford University had previously dealt with a cybersecurity incident in 2021 when the Clop ransomware gang compromised the Accellion File Transfer Appliance (FTA) software, leading to the theft and release of personal information, including Social Security numbers, obtained through a software vulnerability in Stanford Medicine. These incidents highlight the persistent and evolving threat landscape educational institutions face, necessitating ongoing vigilance and cybersecurity measures to safeguard their data and operations.