Ransomware team targets Universities associated with Baltimore, Ca in new information leaks

The particular Clop ransomware team offers posted economic paperwork plus passport information allegedly from the College or university associated with Baltimore as well as the College of California on the internet.  

On Walk twenty nine, the particular danger actors started posting screenshots associated with data allegedly stolen from your US ALL educational institutes.  

These types of screenshots, including records that will apparently are part of our own University of Maryland (UMD), show a federal tax document, requests for tuition remission paperwork, a software for the Board of Nursing, passports, and tax summary documents.

The leaked data snapshots exposed painful and sensitive information points including the photos and names of people, home addresses, Social Security numbers, immigration status, dates of birth, and passport numbers.  

Sensitive information has been redacted within the screenshots below.


The University of California (UC) also has been subject to exactly the same group’s tactics.  

Screenshots published from the group, viewed by ZDNet via  Kela ‘s threat intelligence suite Darkbeast, include lists of people and their Social Security numbers, retirement documentation, and 2019/2020 benefit adjustment requests.  

In addition , the leaked data seems to include late enrollment benefit license request forms for employees and UCPath Blue Shield health savings plan enrollment requests.  

screenshot-2021-03-29-at-16-42-45.png screenshot-2021-03-29-at-16-42-45.png

Clop continues to be associated with a string of cyberattacks against organizations. Clop is one of several threat groups which will employ a ‘double-extortion’ tactic, in which ransomware might be deployed on the compromised machine first, and the cybercriminals threaten in making corporate or painful and sensitive stolen datasets public on the leak site unless blackmail demands are met.

Early in the day this month, the girls leaked data allegedly belonging to the University of Miami and Colorado.  

On a single day, records allegedly belonging to Shell were also posted on the web. The oil giant unmasked that a cyberattack had occurred with the compromise of Accellion FTA servers earlier in the day this month.

On March 22, the REvil ransomware group published what appears to be financial data from tech giant Acer following a ransomware incident. Acer was subject to a $50 million ransom demand, of which it is not known if any such thing was paid. The organization did not make sure a ransomware attack occurred but did declare IT “abnormalities” have been discovered.  

The University of Maryland as well as the University of California have not taken care of immediately multiple requests for comment by the time of publication.  

Previous and related coverage

Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or higher at Keybase: charlie0

Next Post

The particular PERSONAL COMPUTER has returned. And it is exciting again

Tue Mar 30 , 2021
Viewing Intel commemorate the variety plus strength associated with Personal computers immediately after chip experienced Terry Gelsinger returned because CEO gave me a few fun flashbacks to Intel Creator Discussion board events associated with older, in which the firm utilized to display creative brand new laptop type elements that will […]