STANFORD, CA - Stanford University says they’re investigating a cybersecurity incident within its Dept. of Public Safety. Data breaches on school campuses have been on the rise in the last year and some experts believe campus hacks may continue across the country.
A group called Akira is taking responsibility for the data breach at Stanford. The university hasn't addressed ransom demands, but experts say more needs to be done to keep this from happening again.
"The real prize for a lot of these hackers is personal information," said Ian Sherr, Tech expert and freelance reporter.
Stanford University says it’s reviewing a cybersecurity incident at its Dept. of Public Safety. On Friday, the group Akira posted this message, saying it obtained 430 gigabytes of internal data from the dept. and threatened to leak it unless the university contacted them.
"They do something called double extortion, which is they will get the money from through cryptocurrency. They’ll convert it outside the United States into cash, and then they go to sell your data on the dark web," said Ahmed Banafa, San Jose State Univ. Engineering professor.
Stanford has not confirmed if ransom was demanded but says its system is now secure, and they don’t believe the breach affected any other department.
"What they care about is being able to harness as much information as possible. Then hopefully, connect it together and figure out who we are and be able to steal our identities, go and hack into our bank accounts, take over our 401Ks."
Digital security firm Emsisoft says in 2022, 44 colleges and universities and 45 school districts in the U.S. were impacted by ransomware. Dr. Saswata Basu is a data privacy expert and says everyone, especially large organizations, must keep their security systems updated and find new advanced ways to keep hackers out.
"You want to fragment your data. You don’t want to keep all your data in one place. You don’t want to copy. What happens when you copy, is your weakest copy, which seems to be the case, a local drive, is vulnerable to hack. Anybody can get access to it," said Basu, CEO & Founder of Zus.
These experts also told me no one should pay ransom for hacked data because you don’t know if the information has already been copied and sold or if you’ll ever regain access to the data again.