Cyberattack on Mount Royal University Leads to Data Theft and System Disruption

Mount Royal University revealed that attackers stole data from student and employee file storage drives and wiped additional departmental data, prompting an ongoing recovery effort.

CSBadmin
2 Min Read

Incident Overview

Mount Royal University (MRU) in Calgary, Canada, has confirmed that hackers breached its network on June 17, leading to the theft and deletion of data from its file storage systems. The attack disrupted online services, internet access, and several internal university systems. The institution has engaged technical teams and external cybersecurity experts to investigate and support recovery.

Impact and Scope

Investigation revealed that attackers accessed and stole data from folders on the university’s “H drive,” used by students and employees for file storage. The stolen data includes information on current and former students, employees, and other individuals. Additionally, attackers wiped a separate “J” drive containing departmental data, though there is no evidence that data on that drive was copied before deletion. Recovery of the deleted files may not be fully possible.

The threat group CMD Organization has claimed responsibility for the attack and published samples of stolen data, including passport scans. The group demanded a ransom of 30 Bitcoin (approximately $1.9 million) and gave the university six days to respond before leaking the full data set. MRU has reported the incident to law enforcement and the Alberta Information and Privacy Commissioner, and is offering two years of credit monitoring to affected employees.

Source: BleepingComputer

CSBadmin

The latest in cybersecurity news and updates.

Share This Article
Follow:
The latest in cybersecurity news and updates.