The Vice Society ransomware organization has claimed responsibility for the cyberattack that targeted Lewis & Clark College in Oregon, reports The Record, a news site by cybersecurity firm Recorded Future.
The cybercriminal group posted evidence of its activities on its website, including passports and documents with Social Security numbers, insurance files, and other sensitive information. The college experienced outages from March 3 through March 7, and on March 24 the school issued a notice informing the public of "an IT security incident which negatively impacted systems and services" throughout its campuses and which was under investigation.
The school released a statement on March 31 confirming the ransomware attack and stating that it does not intend to pay a ransom.
The attack continues a trend observed in Vice Society of targeting learning facilities and leaking students' sensitive data onto the dark web. The attack brings Vice Society's publicly reported ransomware victims this year to 50.
TechCrunch reports that U.S. conservative think tank The Heritage Foundation was working on addressing a cyberattack against its systems last week, but investigation into whether any of its data was compromised is still underway.
Nexperia had some of its servers confirmed to be compromised in a cyberattack last month following a report from Dutch broadcast firm RTL detailing attackers' claims of having exfiltrated hundreds of gigabytes of data from the Chinese-owned Dutch semiconductor manufacturer, according to Cybernews.
Iranian state-backed threat operation MuddyWater, also known as TA450, Mango Sandstorm, and Boggy Sandstorm, has leveraged the novel DarkBeatC2 command-and-control infrastructure tool as part of its latest attack campaign, The Hacker News reports.