The University of California, San Francisco, paid a ransom of $1.14 million to hackers who encrypted and threatened to publish sensitive data stolen from the institution’s School of Medicine.
UCSF is one of three universities recently targeted using ransom software known as Netwalker. Michigan State University and Columbia College Chicago were also affected. Michigan State announced last month that it decided not to pay the ransom out of concern that payment to the criminals would encourage future attacks.
Through an anonymous tip, a BBC News reporter was able to join the live chat room where UCSF negotiated the ransom. The hackers initially demanded $3 million. A UCSF representative said the coronavirus pandemic was “financially devastating” for the university and made a counteroffer of $780,000, which was refused. They settled on a payment of 116.4 Bitcoin, worth approximately $1.14 million.