On Sunday 30th of April 2023, Bluefield University disclosed that the university had suffered a cyberattack that impacted the IT systems, causing all examinations to be postponed. However, at that time it had claimed that its investigation had found no evidence of any cases of financial fraud or identity theft linked to the incident.
Although on Monday 1st of May 2023, the Avos ransomware gang hijacked Bluefield University’s emergency broadcast system, “RamAlert,” to send students and staff SMS texts and email alerts that their data was stolen and would soon be released if the University did not pay a ransom demand. Further alerts included instructions and links on how to access the ransomware gang’s data leak site.
To apply more pressure on the university, the Avos ransomware gang released a limited amount of stolen data, including a W-2 Tax Form for the University’s President and a document related to their insurance policy. Bluefield University has published an update on the cyberattack, informing students and staff that remediation and system restoration efforts are still underway and that no evidence of any cases of financial fraud or identity theft linked to the incident.
© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.