"Stanford University Data Breach Impacts 27,000 Individuals"

Stanford University recently notified 27,000 individuals that their personal information was stolen in a ransomware attack on its Department of Public Safety (DPS). The university says that the incident was discovered on September 27, 2023, but the attackers had access to the Stanford DPS network beginning May 12. The university noted that the hackers were evicted from the environment, and the network was secured shortly after the attack was discovered. Around one month later, the Akira ransomware group claimed responsibility for the attack, claiming to have stolen over 400 gigabytes of data from the university. According to Stanford, the attackers accessed no other systems beyond the DPS network. The stolen personal information, Stanford says, varies by individual, but may include names, dates of birth, Social Security numbers, passport numbers, driver’s license numbers, government ID numbers, and other information. The university noted that for a small number of individuals, this information may also have included biometric data, health/medical information, email address with a password, username with a password, security questions and answers, digital signature, and credit card information with security codes.  

SecurityWeek reports: "Stanford University Data Breach Impacts 27,000 Individuals"