Fraud Management & Cybercrime , Ransomware

BlackCat Leaks Data Belonging to Irish University

Over 6-GB Dump Appears to Include Sensitive Data
BlackCat Leaks Data Belonging to Irish University
Image: Munster Technological University

The BlackCat ransomware-as-a-service group dumped more than 6 gigabytes worth of information stolen from Ireland's Munster Technological University.

See Also: OnDemand | Key Cyber Attack Vectors in EU 2023: Discussing AI, Strategies and Goals for 2024

The Sunday dump, which appears to include sensitive data including staff medical diagnoses and student bank account information, came days after the Irish High Court issued a temporary injunction prohibiting ransomware attackers from leaking data, Ireland's public broadcaster RTÉ reported. The court order also mandated the hackers hand over any confidential data in their possession to the university, according to the report.

"MTU will seek to enforce that injunction as far as possible," the university said in a Friday update. The university disclosed last Tuesday that a cyber incident had disrupted IT systems, causing it to cancel classes on its Cork campuses. By Wednesday, the school acknowledged that the incident had been ransomware (see: Irish University Confirms Ransomware Behind Campus Closures).

An Irish court order is unlikely to have much effect on the Russian-speaking gang behind BlackCat, also known as Alphv. The gang surfaced in November 2021 and appears to be a reboot of the notorious group known as BlackMatter, which was itself a rebrand of DarkSide.

Responding to the leak on Sunday, the university confirmed hackers did access personal information belonging to the university but added it is currently working with forensic analysts to determine the extent and nature of the data accessed by the hackers. The university also added that it is currently notifying victims affected by the breach.

Brian Honan, a cybersecurity consultant and the head of the nonprofit IRISS-CERT, said the injunction will certainly have no effect on BlackCat hackers.

"What the injunction does serve - it provides the university with a tool to enforce any third parties who come into possession of the stolen data to surrender the data to it and prevent it from publishing the stolen data," Honan said. "This would mean any organization looking to use the stolen data for online publications or blogs could be enforced not to do so."

About the Author

Akshaya Asokan

Akshaya Asokan

Senior Correspondent, ISMG

Asokan is a U.K.-based senior correspondent for Information Security Media Group's global news desk. She previously worked with IDG and other publications, reporting on developments in technology, minority rights and education.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.