The Medusa ransomware group made a threat to expose sensitive data it obtained from the Open University of Cyprus (OUC). Medusa claimed responsibility for the cyberattack on OUC last month, which paralyzed the organization's major functions.
OUC Given 14 Days to Forward $100,000 in Exchange for Private Data of Students, Research Contractors
As reported by Bleeping Computer, the Medusa ransomware gang updated its data leak website with a post listing OUC as its latest cyberattack victim. According to the post, Medusa is giving the educational institute 14 days to deliver the $100,000 ransom, or else the group will leak private information from OUC on its leak site.
Medusa also plans to sell the hacked data for the same price to anyone interested to get a hold of it. The group also offers to delete the data for good if OUC will pay them a separate $100,000, or give them a deadline extension for the price of $10,000 per day.
To prove that Medusa has OUC's private files, the group posted data samples that show lists of students' personal information and financial records of the university's research partners, among others.
OUC made the confirmation last week that the organization was targeted by a cyberattack on March 27, which led to the disruption of its main services. The institute had to shut down its network system to prevent the threat actors from accessing more data.
"As a precaution, access is not provided to the University's eLearning Platform, Employment Portal, the Portal for applications of prospective students, and other critical systems that mainly concern the University community," the OUC stated. Furthermore, the institute said that the deadlines for the submission of school works shall be extended by the academic staff.
As an online university based in Nicosia, Cyprus, OUC offers a remote learning setup to its students. It offers 30 tertiary education programs to its current roster of 4,200 students. OUC is also an active participant in several scientific research projects.
Before the OUC cyberattack, the island nation of Cyprus has been targeted many times by threat actors since the year started. The other recent major cyberattack on the country was on March 8, wherein the online portal of Cyprus' national land registry was compromised. This caused the freezing of registrations amounting to €150 million. The agency also had to pull its network offline for an extended period, and the only plausible solution was to build a new portal.
Related Article: Ransomware Attack on Oakland Worsens with More City Data Leaked on the Dark Web
The History of Medusa Ransomware Gang
Most ransomware groups target huge private corporations and government offices to extort money, but educational organizations seem off-limits to them. Unfortunately, Medusa appears to spare no one when it comes to its online criminal activities.
The ransomware gang's recent activity before the OUC attack was in early March, where it targeted Minneapolis Public Schools District. Medusa demanded a $1 million ransom. The group reportedly attempted to hack the system of the University of Cyprus and the Ministry of Defense. Fortunately, these two organizations were able to detect Medusa's attempt and secured their respective networks.
Medusa's first sign of activity was traced back to June 2021, Tech Radar reported. However, the group has only become infamous this year with its successful heists. It should be noted that other ransomware groups go by the same name, which can be confusing to the media.
Read Also: City of Toronto Suffers Cyber Attack from Clop Ransomware Group
