Ransomware gang starts leaking data stolen from Quebec university

Share post:

The LockBit ransomware gang has started releasing data it says was stolen last month from a Quebec university.

The data is from the University of Sherbrooke, with a student body of about 31,000 and 8,200 faculty and staff. Sherbrooke is a city about a two-hour drive east of Montreal.

Asked in an email to comment on the action by LockBit, university Secretary General Jocelyne Faucher referred to the institution’s Dec. 7 statement that said, “certain data from one research laboratory has been compromised.” The incident has had no impact on the university’s activities, the statement added. An investigation continues.

According to a news report on the French language Radio Canada, the university said last month it had not been hit with ransomware.

The university hasn’t said if the compromised data included personal information or intellectual property.

Threat actors go after the education sector for several reasons: First, they believe public school boards can be pressured into paying to get access back to stolen data about children. Second, they believe post-secondary institutions will be subject to pressure from students to pay for the return of stolen personal and research data.

According to Sophos’ most recent annual ransomware report, the education sector was the most likely to have experienced a ransomware attack in 2022. Eight per cent of educational institutions surveyed said they had been hit. “Education traditionally struggles with lower levels of resourcing and technology than many other industries,” the report says, “and the data shows that adversaries are exploiting these weaknesses.”

In June, Ontario’s University of Waterloo interrupted a ransomware attack after being tipped off by the RCMP. The university’s on-premises email server was compromised, but “only a tiny number of users were impacted,” the institution said. All university IT users had to re-set their login passwords.

One of the most recent cyber attacks on a Canadian university happened in December, when Memorial University’s Grenfell campus in Corner Brook, NL, was hit. According to the CBC, IT services at the Marine Institute were temporarily shut down. The start of the new semester at Grenfell had to be shifted to Monday, Jan. 8 from Thursday, Jan. 4.

All Grenfell faculty, staff and students have to change their login passwords. The university said today it has been told the campus “will likely feel the impacts of this incident for at least a few weeks.” Work includes providing laptops for faculty and staff and securing internet and Wi-Fi hotspots.

In the U.S., recent cyber attacks on the education sector included the forced IT shut down in November at Indiana’s DePauw University and an attack claimed by a ransomware gang in October at California’s Stanford University.

The post Ransomware gang starts leaking data stolen from Quebec university first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

Leaked documents may show the inside of China’s hacking strategy

Documents apparently stolen by disgruntled employees to embarrass their firm may give insight into China's cyber

Abuse of valid accounts by threat actors hits a high, says IBM

Attackers are finding that obtaining valid credentials is an easier route to achieving their goals, s

Cyber Security Today, Feb. 21, 2024 – A patch warning from ConnectWise, the latest ransomware news, and more

This episode reports on a report comparing business email compromise attacks against ransomware

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways