Yesterday, Virginia Union University (VUU) issued data breach notifications to 1,309 individuals in Texas and 459 in Massachusetts, as part of a total of 1,768 people affected by a cyber attack claimed by the LockBit ransomware gang in February 2023. VUU detected unauthorized activity on its systems on February 13, 2023, and subsequently conducted a thorough investigation with external cybersecurity experts. On April 1, 2024, it was confirmed that certain personal information, including full names, Social Security Numbers, dates of birth, driver’s license numbers, and state IDs, might have been accessed or acquired by unauthorized individuals.
While VUU has no evidence that the data has been misused, the institution is offering affected individuals a complimentary 12-month membership of CyEx Identity Defense for credit and identity monitoring. Additionally, they recommend monitoring bank accounts, tax returns, and credit reports for any unauthorized activity, and to be cautious of unsolicited emails or messages asking for personal data. It is unclear whether VUU paid a ransom to LockBit, and the exact method of access used by the ransomware gang remains unknown.
LockBit is a prolific ransomware gang that has been active since 2019, responsible for 157 confirmed attacks in the US alone, affecting at least 11.6 million records. The gang often employs a double-extortion model, demanding a ransom to decrypt systems and delete any stolen data. In 2023, LockBit has been behind ten confirmed attacks in the US, with an additional 98 unconfirmed claims. The group is believed to be based in Russia.
Ransomware attacks on the US education sector have been rising, with 102 confirmed attacks in 2023, up from 72 in 2022, affecting over 2 million records. The average ransom demand in these attacks was $450,000, and the average downtime was over 11 days. VUU, located in Richmond, Virginia, is a private institution founded in 1865, currently home to more than 1,200 undergraduate and 400 graduate students.
