Incident Overview
Mount Royal University (MRU) in Calgary, Canada, has confirmed that hackers breached its network on June 17, leading to the theft and deletion of data from its file storage systems. The attack disrupted online services, internet access, and several internal university systems. The institution has engaged technical teams and external cybersecurity experts to investigate and support recovery.
Impact and Scope
Investigation revealed that attackers accessed and stole data from folders on the university’s “H drive,” used by students and employees for file storage. The stolen data includes information on current and former students, employees, and other individuals. Additionally, attackers wiped a separate “J” drive containing departmental data, though there is no evidence that data on that drive was copied before deletion. Recovery of the deleted files may not be fully possible.
The threat group CMD Organization has claimed responsibility for the attack and published samples of stolen data, including passport scans. The group demanded a ransom of 30 Bitcoin (approximately $1.9 million) and gave the university six days to respond before leaking the full data set. MRU has reported the incident to law enforcement and the Alberta Information and Privacy Commissioner, and is offering two years of credit monitoring to affected employees.
Source: BleepingComputer
