The BlackCat, also known as the ALPHV ransomware group, revealed that it has compromised and stolen personal information from students, teachers, and staff of Florida International University.
The group claimed that approximately 1.2 TB they took comprised social security numbers, email database contracts, and accounting documents.
The Florida International University then stated that they investigated the ransomware group’s claim and declared that the threat actors had not compromised any sensitive information.
A representative of the academic institution did not respond to further inquiries regarding BlackCat’s claims. Experts who analysed the allegedly stolen data confirmed that the actors included no sensitive information from staff and students at the university in the recent attack.
The BlackCat’s recent campaign would make the affected university the eighth reported US university or college struck by ransomware this year after Centralia College, Phillips Community College of the University of Arkansas, National University College, Ohlone College, North Carolina A&T University, University of Detroit Mercy, and Savannah State University.
Furthermore, a ransomware expert indicated that through March of 2022, its research team had listed about 37 publicly reported attacks against schools, compared to 127 incidents last year. In addition, the first three months of this year have seen more campaigns than in 2021.
BlackCat ransomware has already hit at least three United States universities. Analysts expect that the group is a rebrand or a version of the DarkSide and BlackMatter ransomware gangs. The researchers have also linked the group to attacks on an Italian fashion brand and two German oil firms.
While organisations initially confirm that “no evidence information has been compromised,” it does not immediately translate that there is no compromised information.
The rampage of the BlackCat ransomware group is too fast for any organisation to counter. Experts suggest that firms should take preventive measures such as employing a competent cybersecurity provider to avoid infections from malicious entities.
