"Vice Society Claims Ransomware Attack Against University of Duisburg-Essen"

The threat actor Vice Society has recently claimed responsibility for the ransomware attack against the University of Duisburg-Essen (UDE) in November 2022 and has reportedly published some stolen data on the dark web.  UDE announced over the weekend, saying the data publication resulted from the university not complying with the attackers' ransom demands.  At the same time, the university clarified that all its security measures were based on the Federal Office for Information Security (BSI) standards and the BSI IT baseline protection methodology.  UDE stated that "the fact that the attackers still managed to extract data and make ransom demands once again illustrates the organization's highly professional approach and criminal intent."  UDE added that immediately after the attack was discovered, the university shut down the entire IT infrastructure and disconnected it from the network.  Thanks to this, the criminal organization would have only obtained a limited amount of data.  The published data is currently being evaluated.  This is not Vice Society's first ransomware attack on the education sector.  In 2022, the group targeted the Cincinnati State Technical and Community College, the Medical University of Innsbruck, and the Los Angeles Unified School District.

Infosecurity reports: "Vice Society Claims Ransomware Attack Against University of Duisburg-Essen"