Stolen MTU data appears on dark web following IT breach

13 Feb 2023

Image: © cendeced/Stock.adobe.com

MTU has secured an interim injunction by the High Court to try to prevent the publication of stolen data and reportedly believes Russian cybercriminals are behind the breach.

Munster Technological University (MTU) has confirmed that some of its stolen data has appeared on the dark web after it was hit by a cyberattack

The university was forced to close its Cork campuses last week due to a “significant” breach and telephone outage.

This breach was later confirmed to be a ransomware attack, designed to encrypt the university’s systems and steal data.

In an update yesterday (12 February), MTU said its technical advisors confirmed that stolen data has appeared on the dark web. The exact nature of the stolen data has not been fully specified, but MTU said it has started contacting those who may be affected by the breach.

The university said it will provide a specific update when it knows more about the stolen data. MTU also advised affected individuals to follow a phishing guide by the National Cyber Security Centre and to remain “extra vigilant” of potential attacks.

The university said it secured an injunction from the High Court to help prevent the sale, publication, possession or any other use of the stolen data. MTU told the court that a Russian cybercriminal group may be responsible for the attack, The Journal reports.

“Our forensic advisers will continue to monitor the internet at this time for evidence that this illegally removed data is being shared or published,” MTU said.

“We will work with search engines and social media networks and any other relevant digital publisher to the extent necessary and so far as is possible to enforce the injunction and have data removed.”

While the university tries to resolve the data breach, it has re-opened classes in its Cork campuses starting today (13 January), with return-to-campus guidelines being issued to staff and students.

Cybercriminals have been known to target important sectors to increase the chance of ransom demands being met, such as the “significant and serious” attack on Ireland’s Health Service Executive in 2021.

In recent cybersecurity predictions for 2023, Spencer Starkey of Sonicwall predicted that healthcare and education will be among the sectors most targeted by cyberattacks this year.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Leigh Mc Gowran is a journalist with Silicon Republic

editorial@siliconrepublic.com