University of California pays over $1M to ransomware gang

A ransomware gang has struck gold again, this time for more than $1 million.

The University of California, San Francisco (UCSF) announced on June 26 that it paid $1.14 million to a ransomware group.

“We … made the difficult decision to pay some portion of the ransom, approximately $1.14 million, to the individuals behind the malware attack in exchange for a tool to unlock the encrypted data and the return of the data they obtained,” said the university, which had an endowment with assets of $4 billion as of June 30, 2019.


The breach occurred on June 1 at the UCSF School of Medicine’s IT network. The university initially addressed the incident in a short statement on June 17, though it wasn’t identified as ransomware at that time.

UCSF said it quarantined several IT systems within the School of Medicine and claims to have successfully isolated the incident from the core UCSF network.

“Importantly, this incident did not affect our patient care delivery operations, overall campus network, or COVID-19 work,” UCSF said.

Fox News has reached out to UCSF with a request for comment.

On June 3, Netwalker, a criminal ransomware organization, claimed, in a post published on its site, that it had hacked into UCSF\’s network, according to Bleeping Computer.

In that post, Netwalker listed some breached files, “including student applications with social security numbers, and folder listings appearing to contain employee information, medical studies, and financials,” Bleeping Computer wrote.

Netwalker is a prime example of a cybercriminal enterprise as a business model. Netwalker has evolved into a “ransomware-as-a-service (RaaS) operation” and even has a group of “affiliates” that target “enterprise networks” in order to reap larger rewards, Bleeping Computer added.

To the dismay of businesses and institutions across the U.S., ransomware has become a successful business model, earning hundreds of thousands and in rare cases, over $1 million dollars per attack.

Victims have handed over more than $140 million total to cybercriminals over the last six and a half years, ZDNet reported, citing data from the FBI.

Some of the larger examples include a $600,000 ransom paid by the Riviera Beach City Council in Florida in June 2019 and a $500,000 payment from Lake City, Florida that same month.

In 2017, South Korean web-hosting company Nayana paid nearly $1 million, which was the largest payment ever at the time.


Business Achievement Awards