The University of Utah Hit With Massive Ransomware Attack – Paid $457K Ransom

Recently, the University of Utah was hit with a massive ransomware attack; the university coughed up a $457,000 ransom payment after the attack crashed the university’s servers.

This attack has affected many students, though the attackers have not yet disclosed any student- or faculty-related data. On Sunday, July 19, 2020, the computing servers at the University of Utah’s College of Social and Behavioral Science (CSBS) experienced this criminal ransomware attack.

Soon after the attack was detected, the university informed the U’s Information Security Office (ISO) about the ransomware attack on CSBS computing servers and networks. An unknown entity encrypted the contents, and they are no longer accessible to the college.

How Did Experts Resolve This Issue?

After informing the U’s Information Security Office, the university decided to handle the situation with its cybersecurity provider and pay the demanded amount to the ransomware attacker.

This step was taken as a protective and precautionary measure to secure the information and to keep the attacker from publishing the encrypted data on the internet.

How Much Ransom was Paid and What Funds Were Used?

The university paid $457,059.24, the amount at the time of the transaction, to the ransomware threat actors. The university used its cyber insurance policy to pay a part of the ransom, while for the remaining amount, they revoked tuitions and used the grant, donation, state or taxpayer funds to pay the ransom.

Data Involved

The data involved in this ransomware attack included student and employee information. The university is still analyzing the whole incident so that it can determine the nature of the data that was collected.

The report will be updated when further information is published or available. Apart from this, all the CSBS servers were cleaned, and college data was restored from the system backups.

Mitigations

The cybersecurity firm recommended some mitigations to be followed by the university, students, and university employees. The firm affirmed that:

  • Everyone should use strong passwords.
  • Change passwords at frequent intervals.
  • Apply two-factor authentication. 

The experts asserted that these are the best ways to avoid security incidents in a large, multifaceted organization like the University of Utah. Beyond this, there are no further steps that need to be taken by members of the university.

These ransomware attacks are widespread, and they mostly target schools, colleges, and universities. According to the research, nearly 90 universities, colleges, and school communities fell victim to these ransomware attacks in 2019. Moreover, 30 attacks have already been reported in the first five months of 2020.

It is also recommended to read a complete Ransomware Mitigation Checklist and Anti-Ransomware Checklist.


BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.