Vice Society ransomware leaked University of Duisburg Essen’s data

Vice Society Ransomware Gang has claimed liability for the November 2022 cyberattack against the University of Duisburg-Essen. This attack forced UDE to rebuild its IT infrastructure.

The university has also been exposed by the threat actors through leaked documents they claimed to have stolen during the breach of its network. These files could contain sensitive information about students and staff operations.

UDE confirmed since that it was aware that the threat actors had published stolen data, and that they won’t be paying ransom.

In a , UDE stated that “After the cyberattack on the University of Duisburg–Essen (UDE), at the end of Nov”, the criminal group responsible has now published data about the Darknet.”

The university did not comply with the demands of the attackers and it had not paid ransom.

BleepingComputer reviewed the files leaked and discovered they contain backup archives, financial documents and student spreadsheets. Although they look authentic, there is no way for us to verify their authenticity.

Vice Society starts leaking data allegedly stolen from UDE

Source: BleepingComputer

Vice Society continues its attack on University of Duisburg–Essen as part of its ransomware campaign.

In 2022 the ransomware gang attacked and the as well as the school districts.

The FBI, CISA and MS-ISAC were prompted to warning of ransomware attacks on U.S. schools districts.

UDE IT Infrastructure Rebuilding

UDE to close down all communications and email systems at university until further notice. Also, the university cancelled the exams scheduled right before Christmas.

UDE’s IT experts had restored several core systems to a by December 7, 2022. On December 22, 2022, UDE’s IT specialists took a wide step for an online learning platform that affected 40,000 users.

UDE is still far away from normal operation.

UDE advised students and staff on January 9, 2023 that because of the severe cyberattack damage and complex patterns, reconstruction would be the best way to recover all systems.

UDE stated that 1,200 servers were affected by the cyberattack and the central authorization system was compromised. It would therefore be impossible to restore all of these.

The university is home to 43,000 students and 4,000 academic staff. It also has 1,500 administrative employees. The university is regarded as the best in Germany for physics.

Marius Mertens (CISO at UDE) discussed how he managed to mitigate a ransomware threat in a 2018 interview. Mertens emphasized the significance of UDE’s supercomputer which is ranked in the top 500 European universities and said that any disruption would cause significant financial loss.

When you consider the cost of lost CPU hours, a downtime could result in huge expenses. Martens .