University of California Paid Cybercriminals a £1 Million Ransom

The University of California, San Francisco (UCSF) says it paid cybercriminals $1.14 million (£1 million) to decrypt a “limited number of servers” in its School of Medicine that was hit by Netwalker ransomware earlier this month.

The University – which has 10 campuses around California —  was hit by the ransomware attack on June 1. It said that it had “successfully isolated the incident from the core UCSF network…” and believed that the malware encrypted its servers opportunistically, with no particular area being targeted.

The UCSF said: “The attackers obtained some data as proof of their action, to use in their demand for a ransom payment. We are continuing our investigation, but we do not currently believe patient medical records were exposed. As additional facts become known, we will provide further updates.

“We continue to cooperate with law enforcement, and we appreciate everyone’s understanding that we are limited in what we can share.”

Source: Computer Business Review