The university’s information technology team detected “unusual activity” on the network last week and shut it down to investigate the situation, the statement said.
“The situation is still being investigated,” according to the university, but “based on the investigation and the information we have to date, we know the University has experienced a ransomware cyberattack.”
“To date, there has been no evidence of personal information being accessed or exfiltrated; however, our investigation remains ongoing, and we continue to work toward clarifying the facts surrounding what happened and what information has been accessed,” the statement adds.
Late last year, US intelligence officials warned that universities and schools are being targeted by malicious cyber actors, including ransomware criminals, during the coronavirus pandemic.
In a joint cyber security bulletin issued at the time by the FBI, DHS and a consortium that monitors nationwide online threats, officials said hackers are “targeting kindergarten through twelfth grade (K-12) educational institutions, leading to ransomware attacks, the theft of data and the disruption of distance learning services.”
The bulletin noted that hackers targeting schools have disrupted the ability to conduct distance learning, and adopting malicious techniques previously used against corporate America, have stolen and threatened to leak confidential student data unless a ransom is paid.
In addition to the theft of student data, intelligence officials said hackers continue to disrupt remote learning systems that schools have been forced to adopt due to pandemic social distancing requirements.
Cyberattacks against schools have caused significant disruptions for students, parents and teachers trying to adapt to increased distance learning programs. There have been many incidents reported over the last two years, but one of the most severe occurred in Baltimore County, Maryland, where schools — which service 115,000 students — were forced to close for three days last month due to a ransomware attack.