Urgent warning as hackers put thousands of students’ details on dark web
Over a million documents containing personal data of students and staff were uploaded to the “dark web” after a large-scale cyber attack at a Scottish university.
Last month, the University of the West of Scotland (UWS) was allegedly targeted by hackers who accessed the information.
2
2
The Scotsman reports that more than 363 gigabytes of data, including digital IDs, visa applications, health files, financial data and personnel files with allegations of bullying, have now been disclosed online post on Sunday.
The newspaper claims to have seen evidence of the data breach, including bank details and social security numbers, which were leaked.
Hacker gang Rhysida put the alleged data online and demanded 20 bitcoin (£450,000) “ransom” in return.
However, the files were released to the cybercriminals after the payment deadline.
The group was first discovered by cybersecurity experts in May and is said to be behind several attacks.
According to cyber experts at SentinelOne, Rhydisa is targeting victims by posing as a cybersecurity team that is showing problems in their systems.
But security experts claim the high price was part of the ruse, hoping the university will pay out the ransom to prevent the data from falling into the wrong hands.
Brett Callow, threat analyst at cybersecurity firm Emisoft, previously told the BBC: “Realistically, the data probably doesn’t have anywhere near the value that Rhysida attributes to it – at least not to third parties.”
“They hope the university will pay to prevent the information from being published on the dark web and then used by other cybercriminals for identity fraud.”
The university has referred itself to the information officer.
Violations of data protection by organizations can lead to large fines from the supervisory authority.
A spokesman said: “UWS said: “A forensic investigation is ongoing to confirm the individuals involved.”
“The University continues to cooperate with law enforcement as the criminal investigation progresses and is in liaison with the Data Protection Officer.”
A Police Scotland spokesman said: “An investigation is ongoing following a report of a cyber incident in Paisley.
“The case was reported to the police on July 3, 2023 and the investigation is ongoing.”
The UWS is the third major institution to fall victim to a cyber attack in recent weeks.
The PSNI in Northern Ireland has been hit by a major data breach after falsely posting the names, ranks, locations and other personal information of thousands of police officers and employees online.
And last week The Electoral Commission apologized for the data breach This allowed cybercriminals to access the names and addresses of up to 40 MILLION voters.
We pay for your stories and videos! Do you have a story or video for The Scottish Sun? Email us at scoop@thesun.co.uk or call 0141 420 5200