More than 65K Students Lose Personal Data in Whitworth University Ransomware Attack
Table of Contents
- By Steven
- May 25, 2023
Whitworth University is a small private Christian university located in Spokane, Washington. The school manages information for more than 3,000 students each year, and all that data was put at risk when the school was hit by a ransomware attack. The unexpected attack caused the students to lose personal data and put them at serious risk of an identity theft attack. This university earns approximately $150 million in revenue annually and maintains a staff of over 720 people. It's a serious private institution that is responsible for the data of many students, which is why as many as 65,593 students could be exposed in this breach.
How Did the Attack Occur?
The Whitworth University attack occurred by a group of hackers that broke into the network, began copying and encrypting files, and leveraged its position to try and get a ransom from Whitworth. The attackers asked for a ransom to give the information back and to keep from spreading the data around the internet. The attack occurred on July 29, 2022, and after a full investigation, it was determined that over 65,500 students were affected by this breach.
What Information Was Viewed or Stolen?
The majority of the data taken during this breach was personal student information. Data such as Social Security numbers, health information, birth dates, student ID numbers, passport numbers, and more were taken in this data breach. That information could be seriously harmful to the students involved in this breach, and it's a reason for them to be worried about what will happen to their data.
How Did Whitworth University Admit to the Breach?
The university made a notice that was sent to the Maine Attorney General on April 28, 2023. That notice explains how many students were impacted by the breach, what information was lost, and how the breach occurred. The notice went out at the same time as all the individual notices to the students of the university. If you receive a notice, you should be aware that your data is at risk and you could be exposed to the breach.
What Will Become of the Stolen Information?
The Whitworth University data that was taken in this breach could be spread around the internet, used for identity theft or for fraud, or resold to other hackers. It's unclear whether the University is willing to pay the ransom or not, but if not, then the students involved will have to deal with the aftermath of their personal data being distributed.
What Should Affected Parties Do in the Aftermath of the Breach?
If you receive a notice from the university explaining to you that your data is at risk, you should immediately start monitoring your credit for issues. You can do this by checking your credit reports regularly or by investing in a credit monitoring service. Watch over your credit to see what changes are made to your credit profiles. If you see something strange, immediately contact the credit bureaus to explain what's going on, talk with the lenders involved in the new accounts and let them know they are fraudulent.