BleepingComputer reports that data from 27,000 individuals have been compromised following a ransomware attack against the Stanford University Department of Public Safety initially identified in late September.
Attackers infiltrated SUDPS' network from May 12 to Sept. 27, facilitating access to individuals' birthdates, government IDs, Social Security numbers, passport numbers, driver's license numbers, and other personally identifiable information, with a limited number of people also having their health and medical details, biometric information, email addresses and passwords, and credit card details potentially impacted by the incident, said Stanford University in breach notifications filed with the Maine Attorney General's Office. No threat operation has been named behind the intrusion but the Akira ransomware gang took credit and claimed to exfiltrate 430GB of data from Stanford's systems, which has already been exposed on its leak site. Such a breach at Stanford comes after the exposure of admission information at its Department of Economics Ph.D. program last February and Cl0p ransomware's leak of Stanford School of Medicine data following the attack against Accellion's file transfer software in April 2021.