Sensitive data stolen in Okanagan College cyber attack now posted to dark web, ransomware group claims
College alerted authorities to the attack, did not entertain conversations about paying a ransom
Hackers believed to be responsible for a cyber attack on Okanagan College earlier this month claim they have now posted sensitive data onto the dark web.
On their website, the hacker group Vice Society says they have extracted and published over 850 gigabytes of sensitive data, including passwords, photos of passports, social security numbers, and credit card numbers.
"Data that appears to belong to Okanagan College and its stakeholders has been posted on a dark website belonging to a criminal organization," said Okanagan College in a Tuesday statement.
The dark web refers to a part of the Internet that is accessed with a special software that allows users to be anonymous, and is often used for criminal activity.
Okanagan College first warned students and staff weeks ago of the breach that occurred on the morning of Jan. 9 by an "unrecognized external agent."
Vice Society has updated this listing and, as expected, has identified the victim as Okanagan College. <a href="https://t.co/KpBw2DqCrn">https://t.co/KpBw2DqCrn</a>
—@BrettCallow
Brett Callow, a Canadian cybersecurity threat analyst with the company Emsisoft, says Vice Society is known to target academic institutions with ransomware attacks. Ransomware is a type of malicious software that threatens to publish the victim's personal data or block access to it until a ransom is paid.
Callow says these demands can amount to tens of millions of dollars.
"Any data that a school district or a college can hold can potentially end up online," said Callow.
"There is money to be had from these attacks there's no doubt about that."
Okanagan College said they have alerted authorities to the incident and did not entertain conversations about paying a ransom.
"Regardless of the amount, even if we had paid a ransom, there still would have been no way to be absolutely certain that it would have resulted in the destruction or even non-publication of any stolen or compromised data," the college said in a statement.
Accessible by anyone
Callow says law enforcement is getting better at identifying culprits behind ransomware attacks, but there is little individuals can do if a company or public institution has been hacked.
"That data isn't limited to being used by the criminals who stole it. Once they post that information online, it becomes accessible to absolutely anyone who knows the URL," said Callow.
"There is a frightening amount of information floating around online, some of which is very sensitive."
Okanagan College says it is offering credit monitoring services to students and staff.
They do not recommend anyone attempt to access the data.
"The data was posted by hackers, and there is no guarantee that the data is safe to view and has not been infected with malware intended to cause additional harm," the college said in the statement.