‘Ransomware also infected Maastricht University backup server’
According to de Volkskrant, Maastricht University has paid between 200,000 and 300,000 euros in ransom to unlock its systems, partly because the company’s backup servers were also taken hostage by ransomware.
The backup was on university servers and could be reached by the criminals behind the ransomware infection, de Volkskrant writes based on information from sources. The backup contained research data and the data of students and employees from decades. If organizations can no longer access their backups to restore systems, the hostage takers may demand more ransom. The sources of de Volkskrant speak of a ransom of between two and three tons. That is in line with what previous sources have said to university magazine Observant.
According to the newspaper, access to the university’s network had been gained months ago. This may have happened after a phishing attack. Ransomware group TA505 would have penetrated through this access to take over the systems. This would have happened before December.
Maastricht University will hold a symposium on 5 February at which the organization will release more details about the ransomware attack and what the university has learned from it. The university was hit by ransomware at the end of 2019, just before Christmas, rendering a large part of its systems unusable.