This site uses cookies to improve your experience and to provide services and advertising. By continuing to browse, you agree to the use of cookies described in our Cookies Policy. You may change your settings at any time but this may impact on the functionality of the site. To learn more see our Cookies Policy.
OK
#Open journalism No news is bad news

Your contributions will help us continue to deliver the stories that are important to you

Support The Journal
Dublin: 16 °C Thursday 13 August, 2020
Advertisement

Hacker was paid ransom after NUI Galway alumni data targeted in worldwide cyber attack

The university said “names, telephone numbers and email addresses” in its alumni database may have been targeted in the hack.

NUI Galway was affected by the hack.
NUI Galway was affected by the hack.
Image: Shutterstock/STLJB

NUI GALWAY HAS confirmed it was one of more than 20 institutions across the world affected by hackers attacking a cloud provider. 

The university said it understood that “names, telephone numbers and email addresses” in its alumni database may have been targeted in the recent Blackbaud hack

The software giant – which provides relationship management systems for third level institutions – was held ransom by hackers in May and paid an undisclosed sum to cyber criminals. 

The US-based firm has declined to provide lists of those affected but institutions in the UK, US and Canada have been affected with the University of South Wales the most recent to confirm it had been hacked. 

In an email to alumni NUI Galway said it had been “reassured” that alumni data will not be misused and that cyber criminals did not access credit card or bank data. Student data was also not affected, it said. 

After discovering the attack, Blackbaud’s Cyber Security team – together with independent forensics experts and law enforcement – “successfully prevented the cybercriminal from blocking their system access and fully encrypting files,” the university said. 

This “ultimately expelled them from the system,” it added. 

“However, before being locked out, the cybercriminal removed a copy of a backup file containing personal information including a subset of NUI Galway data,” the university said. 

The files removed may have contained names, contact information including telephone numbers, email addresses and mailing addresses as well as a history of alumni and supporters relationships, according to the university.

Blackbaud paid the cyber criminal’s demand with confirmation that the copy they removed had been destroyed, NUIG said. 

“Based on the nature of the incident, their research, and a third party – including law enforcement – investigation, Blackbaud do not believe that any data went beyond the cybercriminal, was or will be misused, or will be disseminated or otherwise made available publicly and are continuing to monitor this,” it continued.

“NUI Galway was not party to the decision to make this payment and only became aware of this payment after it had occurred,” it added. 

The university has launched its own investigation into the hack and said it is “reviewing” its relationship with the third-party service provider. It said it has also informed the Data Protection Commission of the incident. 

Blackbaud, a company based in South Carolina, has been criticised for not disclosing the hacking of its systems externally in May until July and for having paid hackers an undisclosed ransom.

#Open journalism No news is bad news Support The Journal

Your contributions will help us continue to deliver the stories that are important to you

Support us now

“The majority of our customers were not part of this incident,” the company has said.

According to a statement on its website: “In May of 2020, we discovered and stopped a ransomware attack. Prior to our locking the cyber-criminal out, the cyber-criminal removed a copy of a subset of data from our self-hosted environment.”

The statement says Blackbaud paid the ransom demand. 

Blackbaud added that it had been given “confirmation that the copy [of data] they removed had been destroyed”.  

TheJournal.ie has contacted NUI Galway for comment.

  • Share on Facebook
  • Email this article
  •  

About the author:

Read next:

COMMENTS (16)

This is YOUR comments community. Stay civil, stay constructive, stay on topic. Please familiarise yourself with our comments policy here before taking part.
write a comment

    Leave a commentcancel