Advertisement

We need your help now

Support from readers like you keeps The Journal open.

You are visiting us because we have something you value. Independent, unbiased news that tells the truth. Advertising revenue goes some way to support our mission, but this year it has not been enough.

If you've seen value in our reporting, please contribute what you can, so we can continue to produce accurate and meaningful journalism. For everyone who needs it.

NUI Galway was affected by the hack. Shutterstock/STLJB
blackbaud

Hacker was paid ransom after NUI Galway alumni data targeted in worldwide cyber attack

The university said “names, telephone numbers and email addresses” in its alumni database may have been targeted in the hack.

NUI GALWAY HAS confirmed it was one of more than 20 institutions across the world affected by hackers attacking a cloud provider. 

The university said it understood that “names, telephone numbers and email addresses” in its alumni database may have been targeted in the recent Blackbaud hack

The software giant – which provides relationship management systems for third level institutions – was held ransom by hackers in May and paid an undisclosed sum to cyber criminals. 

The US-based firm has declined to provide lists of those affected but institutions in the UK, US and Canada have been affected with the University of South Wales the most recent to confirm it had been hacked. 

In an email to alumni NUI Galway said it had been “reassured” that alumni data will not be misused and that cyber criminals did not access credit card or bank data. Student data was also not affected, it said. 

After discovering the attack, Blackbaud’s Cyber Security team – together with independent forensics experts and law enforcement – “successfully prevented the cybercriminal from blocking their system access and fully encrypting files,” the university said. 

This “ultimately expelled them from the system,” it added. 

“However, before being locked out, the cybercriminal removed a copy of a backup file containing personal information including a subset of NUI Galway data,” the university said. 

The files removed may have contained names, contact information including telephone numbers, email addresses and mailing addresses as well as a history of alumni and supporters relationships, according to the university.

Blackbaud paid the cyber criminal’s demand with confirmation that the copy they removed had been destroyed, NUIG said. 

“Based on the nature of the incident, their research, and a third party – including law enforcement – investigation, Blackbaud do not believe that any data went beyond the cybercriminal, was or will be misused, or will be disseminated or otherwise made available publicly and are continuing to monitor this,” it continued.

“NUI Galway was not party to the decision to make this payment and only became aware of this payment after it had occurred,” it added. 

The university has launched its own investigation into the hack and said it is “reviewing” its relationship with the third-party service provider. It said it has also informed the Data Protection Commission of the incident. 

Blackbaud, a company based in South Carolina, has been criticised for not disclosing the hacking of its systems externally in May until July and for having paid hackers an undisclosed ransom.

“The majority of our customers were not part of this incident,” the company has said.

According to a statement on its website: “In May of 2020, we discovered and stopped a ransomware attack. Prior to our locking the cyber-criminal out, the cyber-criminal removed a copy of a subset of data from our self-hosted environment.”

The statement says Blackbaud paid the ransom demand. 

Blackbaud added that it had been given “confirmation that the copy [of data] they removed had been destroyed”.  

TheJournal.ie has contacted NUI Galway for comment.

Your Voice
Readers Comments
16
This is YOUR comments community. Stay civil, stay constructive, stay on topic. Please familiarise yourself with our comments policy here before taking part.
Leave a Comment
    Submit a report
    Please help us understand how this comment violates our community guidelines.
    Thank you for the feedback
    Your feedback has been sent to our team for review.

    Leave a commentcancel