Stanford University is investigating a cybersecurity incident within its Department of Public Safety after a ransomware gang claimed it attacked the school on Friday.
A spokesperson for the university directed Recorded Future News to a statement published late on Friday afternoon explaining that it is in the process of figuring out the details of the incident.
“We are continuing to investigate a cybersecurity incident at the Stanford University Department of Public Safety (SUDPS) to determine the extent of what may have been impacted,” the school said.
“Based on our investigation to date, there is no indication that the incident affected any other part of the university, nor did it impact police response to emergencies. The impacted SUDPS system has been secured.”
They added that their information security teams are looking into the incident alongside outside specialists. Once the investigation is completed, they said, they would share more information.
On Friday morning, the Akira ransomware gang claimed it attacked Stanford University and stole 430 gigabytes of data.
The gang has been behind several attacks on U.S. colleges and K-12 schools this year after emerging in March.
Researchers from cybersecurity companies Avast and Arctic Wolf have found multiple pieces of evidence tying the operation Conti — a now-defunct ransomware group accused of launching several high-profile attacks on governments around the world.
Arctic Wolf said the group has compromised at least 63 victims since beginning operations. A decryptor for the ransomware was released by Avast in July but the group has not stopped launching attacks.
Stanford University is the latest major U.S. school to face down ransomware attackers in recent weeks after the University of Michigan was forced to sever internet access to stop an attack in August.
Stanford University previously dealt with a cybersecurity incident in 2021, when the Clop ransomware gang stole and leaked personal information obtained through a vulnerability in the Accellion File Transfer Appliance (FTA) software.
The breach involved Social Security numbers and more taken from Stanford Medicine.
