Utes gotta be kidding me... University of Utah handed $457K to ransomware creeps

'After careful consideration' uni decided to pay up using its insurance policy

The University of Utah has admitted to handing over a six-figure pile of cash to scumbags to undo a ransomware infection during which student and staff information was stolen by hackers.

The American school that gave the world science fiction author Orson Scott Card, ballistic missile designer Simon Ramo, and NBA player Keith Van Horn says that last month it paid crooks $457,059.24 to reverse an attack on the network of its College of Social and Behavioral Science.

While there wasn't much data stolen in the July 19 attack (the school estimates that around .02 per cent of its info was actually taken and encrypted) what was accessed was sensitive enough that the school opted not to risk having it get out.

"After careful consideration, the university decided to work with its cyber insurance provider to pay a fee to the ransomware attacker," University of Utah says.

"This was done as a proactive and preventive step to ensure information was not released on the internet. The data contained student and employee information."

At least the school came clean about the whole incident and told people what was going on. We've recently seen what happens when you try to cover up these sorts of things.




It used to be that paying ransomware demands was a non-starter for companies and institutions, as the common wisdom was that it would only encourage criminals and might not even result in the recovery of your data.

That idea, however, has gone by the wayside as ransomware crooks figured out that there was more money to be had by posting the pilfered data online for all to see rather than just locking it up and asking for Bitcoin.

Crews like Maze have made a habit of asking for hush money, then posting the stolen data when companies don't pay up. As a result, the idea of meeting the demands of attackers is not as far-fetched as it used to be, with the FBI even providing guidance to companies that want to pay for their data.

That said, it is recommended that any payments are done with the guidance of a security expert who is familiar with the ransomware group and can make sure you actually get your data back once the payment is made.

University of Utah says that none of the money it handed over to the criminals came from the student tuition, grants, or state taxpayer funds it takes in. Rather, a portion came out of a "cyber insurance" policy it keeps and the remainder was from the school's private accounts.

In addition to paying out nearly a half-million dollars, the school is asking students and faculty to change their passwords as a precautionary measure, and it says it will look to beef up its network security. ®
