Slippery Rock University is warning alumni and donors that their personal information may have been compromised.
According to a mailing from the university, the security breach involved one of the school's third-party service providers, Blackbaud Inc., which "discovered and stopped an attempted ransomware attack that occurred between Feb. 7 and May 20." When the attack was discovered, SRU said, the service provider's cyber security team, along with independent forensics experts and law enforcement, prevented the cybercriminal from blocking their system access and encrypting files in order to hold them for ransom.
The attackers were expelled from the system, the university's mailing said, but not before they removed a copy of the university's backup file containing the personal information of those who received the notification of the breach. Blackbaud made its clients aware of the incident July 16.
While the stolen file may contain contact information and a history of each person's relationship with SRU, the mailing said, neither bank account, credit card information nor Social Security numbers were accessed. The records contained no information that cannot be accessed through public databases, the university said.
Blackbaud paid the cybercriminal's ransom demand, SRU said, with confirmation that the removed file had been destroyed. An investigation by the company and law enforcement has determined that there is "no reason to believe that any data went beyond the cybercriminal, was or will be misused, or will be disseminated or otherwise made available publicly," the mailing said.
Blackbaud has corrected the system vulnerabilities exploited by the cybercriminal, SRU said, and is taking further measures to strengthen its cybersecurity.
More information about the incident is available at srufoundation.org/securityincident.
