Several universities appear to be the victims of a data breach connected to vulnerabilities in file transfer software sold by IT security company Accellion.
Files containing sensitive information from Stanford University; the University of Maryland, Baltimore; the University of Miami; the University of California, Merced; the University of Colorado and Yeshiva University were recently discovered on the dark web, tech news website Gizmodo reported Thursday.
A statement from the University of California system published Wednesday advised faculty members, students and staff members not to respond to emails stating, “your personal data has been stolen and will be published.”
“We believe the person(s) behind this attack are sending threatening mass emails to members of the UC community in an attempt to scare people into giving them money,” the UC statement said. “Anyone receiving this message should either forward it to your local information security office or simply delete it.”
The universities’ data files were shared on a website called Clop, which is known to share snippets of stolen information and then demand a ransom in return for not publishing the rest of the stolen data.