Stanford University has confirmed an ongoing investigation into a cybersecurity incident following an attack by the Akira ransomware group. The attack, which occurred on October 27, resulted in the group claiming to have stolen 430 GB of data from the university. While details about the incident remain limited, Akira stated it had accessed “private information, confidential documents, etc.,” without providing further specifics.
The attack was reportedly confined to one system within Stanford’s Department of Public Safety (SUDPS), the campus police department. Stanford’s statement assured that no other part of the university or emergency response services were impacted.
This marks the third ransomware attack on the university in recent years, with Akira being a relatively new but concerning player in the ransomware landscape. Security experts suspect the involvement of experienced operators, possibly linked to the Conti group, known for their high-profile attacks.
The investigation is ongoing, with the university’s privacy and information security teams working diligently alongside external specialists to resolve the incident.