The sensitive data of students, faculties, and staff of Guilford College in North Carolina have been compromised after ransomware actors hacked into the school’s servers. According to the school’s spokesperson, the cyberattack happened in October.
Upon learning of the intrusion, authorities and security experts were notified immediately to aid with the cyberattack. The North Carolina university had disconnected online following the incident and hired forensic analysts to help investigate.
The hackers have obtained sensitive data from the North Carolina school.
As the school’s spokesperson added, the initial investigation showed evidence suggesting that the hackers obtained sensitive data from students, faculties, and staff. All affected individuals, including the parents of the students, were sent emails to inform them about the incident. Follow-up updates were also sent to advise the victims about the investigation.
Weeks after the North Carolina school learned of the incident and instigated investigations, the prolific Hive ransomware group claimed to be the perpetrator of the attack. The gang also threatened the university to leak the stolen data if it failed to cooperate, posting samples on their leak site as proof that they were holding the school’s data.
Guilford College then confirms the claims of the Hive ransomware gang, adding that the cybersecurity experts they teamed up with are already reviewing the stolen files. The North Carolina school expressed regret and stated they were doing its best to mitigate the problem.
A recent joint report from the FBI, CISA and DHHS warned people about the growing threat posed by the Hive ransomware group, involving the gang bringing in over $100 million from cyberattacks against 1,300 organisations globally from June last year to this November.
The gang had targeted numerous companies and critical infrastructures under different sectors, such as IT, the government, the military, manufacturing, and more. Furthermore, Hive is also one of the most active ransomware groups operating in the wild.
In the US, at least 35 educational institutions have been struck by cyberattacks this year. Researchers said that most of these attacks resulted in the stolen data being leaked online, exposing victims to further danger.