The hacker attack on Stanford University affected 27,000 people in 2023

The threats behind the ransomware attacks that occurred at Stanford University in 2023 accessed the information of 27,000 people.

Stanford University has confirmed that the authors of the September 2023 ransomware attack had access to information on 27,000 people. A prestigious US university has fallen victim to a ransomware attack by the Akira ransomware group. The Akira ransomware group claimed to have stolen 430 GB of data from the university's systems.

Stanford University announced this week that it would send notification letters to affected individuals and added that the Stanford Department of Public Safety was affected by the incident.

The Department of Public Safety discovered the security breach on September 27, 2023 and conducted an investigation into the incident. "The investigation determined that unauthorized personnel accessed the Department of Public Safety network between May 12, 2023 and September 27, 2023.

The unauthorized access was terminated and the network was immediately secured upon discovery of the unauthorized access," reads the update released by the university. "This incident does not affect any Stanford University systems or networks other than those utilized by the Department of Public Safety."

Threats were able to access the Department of Public Safety's network from May 12 through September 27, 2023. The compromised data varies from person to person, but may include date of birth, social security number, state identification numbers, passport numbers, driver's license numbers, and other information collected by the Department of Public Safety in its operations.

For a limited number of victims, the threats had access to biometric data, medical information, email addresses with passwords, usernames with passwords, security questions and answers, digital signatures, and credit card information with security codes.

Stanford University has confirmed that there is currently no evidence that the compromised information was misused. This is not the first security breach at Stanford University, in 2021 the ransomware group Clop stole sensitive data from Stanford Medicine.