A notorious ransomware gang has taken to Twitter to shame Newcastle University after infecting its systems with data-crippling malware. The criminals are threatening to release the British university’s data publicly if their demands aren’t met.
The public research university reported the attack as a “cyber incident” that took place on September 4 and prompted the institution to shut down a number of its IT systems, IT Pro reports.
Claiming credit for the attack, the DoppelPaymer gang took to Twitter to shame the institution and its students for the embarrassing event.
“Dear students of the New Castle University Congratulations with an upcoming release of your personal data. What a great start of a new educational year,” the gang tweeted Monday.
The criminals have posted some of the data on the dark web, threatening to release more if the university doesn’t fulfill their demands. At this point, it’s unknown how much the hackers demanded, nor if Newcasle has any intention of paying.
However, the university doesn’t seem keen to meet the hackers’ demands, considering it announced it could take “several weeks” to address the event. It has drafted in several third-party security experts to help with recovery and assess the damage.
The institution has also alerted the Information Commissioner’s Office (ICO) and police. The ICO is the UK’s regulatory body responsible for dishing out fines under the GDPR for data breaches involving personally identifiable information. If Newcastle University is found negligent, it will face a (likely substantial) penalty from the watchdog.