Maynooth University confirmed that it had been the victim of a cyber-attack last May; information on students and alumni had been stolen

EducareerHeadlinesInformationLatestMain news

Last updated Sep 4, 2020

Confirmation that many universities have fallen victim to cyber hacking. Several universities, including Maynooth University and NUIG University, have been hacked, as per the latest report.

Cyber-attack was targeted at Blackbaud, a software company which provides software and cloud management systems to third-level institutions and universities.

Maynooth University confirmed that it was the victim of a widespread cyber hack on last May. It also confirmed that information on students and alumni had been stolen.

Students were assured that their data would not be used or disseminated after Blackbud paid a ransom to cybercriminals in exchange for destroying the stolen files.

Although the Blackbaud did not list the institutions affected by the cyber-attack, the college confirmed that in a letter to students and alumni of Maynooth University that it was alerted to a breach on 16 July.

The letter states that the University received a security alert on July 16 from Blackbird, a third-party service provider.

“They advised us that they were a victim of a ransomware attack in May 2020. After discovering the attack, Blackbaud’s cybersecurity team – together with independent forensic experts and law enforcement – successfully prevented the cybercriminal from blocking their system access and fully encrypting files, and ultimately expelled them.”

However, a copy of a backup file containing personal information, including a subset of Maynooth University data, was removed by the cybercriminal. Blackbaud paid ransom to those criminals after confirming that the copy they removed had been destroyed.

The university said that an investigation had been launched and information including names, dates of birth, addresses and academic credentials had been stolen in the attack, but there was no evidence that credit cards, bank details or passwords had been accessed.

The university made it clear that monitoring would continue and that the Data Protection Commissioner had been notified of the cyber-attack. A spokesman for the Data Protection Commissioner then confirmed that the breach had been reported.

In addition to apologising for the incident, the letter stated that college students and alumni should not take any action against it, but should be alert and report if anything suspicious has happened.