University of California San Francisco Guide (UCSF) announcedthat paid cybercriminals about $ 1.14 million to recover data encrypted during a ransomware attack earlier this month. UCSF is one of the leading centers of the world in the fields of medical research, dentistry, patient care and medical education.
The incident occurred on June 1, 2020, and the university fell victim to the NetWalker ransomware: Malvari operators announced a hack on their website on darknet, posting some stolen files as evidence. Representatives of the UCSF claim that they were able to restrain the spread of the malvari soon after its discovery, although the attack still affected some systems.
So, according to official data, the School of Medicine’s network was isolated to prevent the development of an attack (some of the servers were still encrypted), and the main USCF network was not affected. As a result, the incident did not affect the provision of medical care to patients, the COVID-19 study, and did not affect the campus network. Although the investigation of the incident has not yet been completed, it is currently believed that the medical records of the patients also did not fall into the hands of third parties.
University experts believe that the attackers were not targeted at specific servers, but encrypted the data that they could reach. ” It is expected that the servers affected by the attack will fully return to work in the near future.
UCSF representatives note that the data encrypted during the attack was part of a socially important research. Because of the value of this information, management decided to pay the attackers “some ransom, approximately $ 1.14 million,” for a tool to decrypt the data. By to the BBC, a negotiator acting on behalf of the UCSF, bargained with hackers for a long time, and first offered to pay them $ 780,000.