Maastricht University in the Netherlands is trying to recover from a hard fall it took from a massive ransomware attack that hit them just two days before Christmas. The University later announced that the attack took down “almost all Windows systems” at the university and particularly affected the University’s email services.
Maastricht University is placed amongst the top 500 universities in the world for the past two years. Thus, an attack so severe is not only devastating for its students and employees but also dents its reputation. The University said, “The Executive Board and the deans of the faculties deeply regret the inconvenience this is causing for both students and staff. In the days to come, they want to see in what way students and staff who are experiencing problems due to this situation can be accommodated.”
The University has rightfully reported this incident to the police. The type of ransomware attack has not been disclosed yet, but as part of the incidence response, help has been immediately taken from cybersecurity specialists. “IT staff at UM (Maastricht University), along with external specialists in this field, have been working all-out since the discovery of the attack. The current phase involves forensic investigation and repairs.”
In order to contain the damages and complete the ransomware attack analysis, the University itself has taken down all its systems. “Everything is aimed at giving students and employees access to the systems as soon as possible in phases. Given the size and extent of the attack, it is not yet possible to indicate when that can be done exactly.”
In a similar incidence in the other sphere, the Australian National University discovered a major data breach that affected students’ and University’s sensitive information. According to the University’s Vice Chancellor Brian Schmidt, unknown cybercriminals attacked the University’s systems and accessed personal information late in 2018, which was discovered by the University authorities only on May 17, 2019. The exposed information included names, addresses, dates of birth, phone numbers, personal email addresses and emergency contact details, tax file numbers, payroll information, bank account details, passport details, and student academic records, according to the University’s Vice Chancellor Brian Schmidt.
However, Schmidt also clarified that data like credit card details, travel information, medical records, police checks, workers’ compensation, vehicle registration numbers, and some performance records were not affected by the incident.