Attack on Queensland University of Technology by Royal Ransomware

Royal ransomware has taken responsibility for the recent attack on Queensland University of Technology. They have begun to leak the data that was allegedly stolen in the breach.

Queensland University of Technology is Australia’s largest university by student count (52,672) and operates on a budget of more than one billion A$.

It is a university that focuses on mathematical, scientific, technological and engineering studies. In recent years, it has been supported by significant amounts of government funding.

QUT warned students and academic staff about a possible cyberattack that occurred on January 1, 2023.

To prevent further attacks, the university has shut down its IT systems. External experts are being brought in to assist with the response.

“Our university staff work around the clock in order to assess and restore service and minimize disruptions to students and academic progress,” says the

“Our campuses will reopen in January 2023. However, it is possible that some disruptions to the system will persist for several weeks.

The HiQ website and the eStudent, Digital Workplace, and Blackboard systems are currently unavailable. This means that many exams and courses will have to be rescheduled for February.

Additionally, all network folders including U Drive, the printing network and VPN access using Cisco AnyConnect were removed until further notice.

Summer semester students will have the opportunity to cancel without any academic or financial penalty. This is because some disruptions might not be acceptable for them.

Students and staff were informed via notices. A was created to update the public on the progress of restoration and the availability of service.

Students and staff at QUT were advised to be vigilant about suspicious communications attempts. They were also told to not attempt to communicate with university systems that were marked as offline by the status page.

The university has not provided any evidence to suggest that data was compromised by the cyberattack.

The Royal Gang releases stolen data

Although the University claims there are no data theft evidence, Royal Ransomware has begun publishing QUT data.

The ransomware group posted a new entry to their data leak site. They leaked documents and HR files as well as email and correspondence, documents and ID cards.

QUT data leak entry on Royal ransomware’s site

Source: BleepingComputer

BleepingComputer can’t confirm if these files were taken from QUT but they seem to be connected to the university.

Royal ransomware was started as an in September 2022. It closed in May 2022.

The Zeon group was the first to launch the ransomware attack, but in September.

After launching multiple attacks , the gang gained quick attention from researchers and governments.

Recent ransomware group , a telecommunications company, and initially demanded a $60,000,000 ransom.