Private information of staff and students at the University of Maryland, Baltimore was posted on the internet this week after a ransomware group breached the school’s system in December.
In a statement, university officials said a ransomware group, known as Clop, had gained access in December to the Accellion file transfer system, which was used by UMB students and staff to transfer encrypted files.
The university learned of the data breach this week when the hackers posted evidence online that they had accessed files in the UMB system containing some personally identifiable information, according to university spokesman Alex Likowski. The school did not say what kind of information was posted, but ZDNet reported the data included a federal tax document, passports, addresses and Social Security numbers.
The universities of Miami and Colorado as well as Harvard Business School also experienced similar breaches associated with Accellion, according to EdScoop.
No other schools in the University System of Maryland are using Accellion, spokesman Mike Lurie said in an email this week.
UMB has reported the data breach to federal and state authorities. University officials said they decommissioned the Accellion system in February and there is no evidence that it was compromised at any other time, according to Likowski.
“Our investigation shows that every appropriate security measure was taken by our Center for Information Technology Services, including rigorous monitoring and the timely installation of all patches and upgrades provided by Accellion,” Likowski said.
UMB is offering security assistance, including credit monitoring and identity restoration services to individuals whose documents were compromised.
This is the latest public institution to suffer a ransomware attack. Baltimore County Schools were shuttered for several days following a crippling attack on its servers the day before Thanksgiving. And Baltimore City also spent millions on recovery from a ransomware attack in 2019.
In December, Greater Baltimore Medical Center was forced to reschedule some procedures and take systems offline following a ransomware attack.