The Open University of Cyprus (OUC) has fallen victim to the notorious Medusa ransomware gang, asking for $100,000 following a cyberattack on the institution’s digital platforms.
The gang has stolen personal data from the university’s online platforms while also causing severe disruptions to the organisation’s operations.
Last week, the university announced that a cyberattack occurred on March 27 that resulted in several central services and critical systems going offline.
According to OUC, the IT department “detected a malicious attack on the University’s file server”.
The university was prompted to shut down its central services and critical systems.
As reported, the infamous ransomware gang gave the University 14 days to pay $100,000, or the data would be leaked online.
The group has set the same price for both deleting the data and selling it to an interested party.
For $10,000, the hackers say they would delay publishing the data by one day.
To prove they mean business, the group has already leaked data samples.
The stolen data includes student lists with personally identifiable information, financial details of research contractors, and other information.
Medusa ransomware terminates vital services and processes for Windows operating programs and penetrates file backup systems while targeting mail servers, database servers, and security software.
The gang behind the attack has been hitting businesses worldwide, while, unlike other ransomware actors, Medusa does not consider education organisations off-limits.
At the beginning of March, the gang targeted the Minneapolis Public Schools district, demanding a ransom of $1 mln.
Meanwhile, Cyprus has suffered from a series of high-impact cyber incidents since the beginning of 2023, the most notable being a catastrophic attack against the online portal of the land registry on March 8.
Three months earlier, hackers targeted the e-mails of members of the Cyprus University of Technology (TEPAK).
After gaining access to the accounts, the hackers managed to trick officials by giving instructions to pay a ‘significant amount’, pretending to be a European Union agency.
A similar attack on the state-funded University of Cyprus last month saw servers shut down to prevent malicious access.
No details were provided about the incident, but services went offline as a precaution.
The state Land Registry was the latest victim of cyberattacks, forced to close earlier in March following an unprecedented hacker attack on its webpage and systems.
Its online system has not fully been restored, as a water leak knocked out digital government services, flooding the state server room.
Earlier in the week, a water leak flooded the basement of the Finance Ministry, where servers are kept, knocking out e-governance services.
