UCSF Pays $1.14M Ransom After Cyberattack
The University of California San Francisco confirmed it paid a $1.14 million ransom to hackers who were behind a cyberattack on its medical school’s computer servers on June 1.
- By Yvonne Marquez
- June 30, 2020
The University of California San Francisco confirmed it paid a $1.14 million ransom to hackers who were behind a cyberattack on its medical school’s computer servers on June 1.
On June 1, UCSF’s IT staff identified the incident in progress and managed to partially stop the cyberattack and isolate it from the core UCSF network. However, the attackers were able to launch malware that “encrypted a limited number of servers within the School of Medicine, making them temporarily inaccessible.”
The attackers obtained data that they then used as proof of their attack to demand a ransom payment. The university says they don’t believe patient medical records were exposed.
“The data that was encrypted is important to some of the academic work we pursue as a university serving the public good,” says a statement published on the university’s website. “We therefore made the difficult decision to pay some portion of the ransom, approximately $1.14 million, to the individuals behind the malware attack in exchange for a tool to unlock the encrypted data and the return of the data they obtained.”
According to BBC News, the Netwalker criminal gang attacked the university. BBC News reports they are responsible for at least two other ransomware attacks on universities in the past two months.
UCSF negotiated with the attackers and paid them in bitcoins in exchange for decryption software. Now the university is assisting the FBI with their investigation and working to restore the affected servers.