MTU confirms data has been published on the dark web following ransomware attack

Munster Technological University (MTU) has confirmed that data has been published on the dark web following the ransomware attack it suffered last weekend.

In a statement this evening, the university said it has been informed by its technical advisors and members of the National Cyber Security Centre, who have been providing assistance since the attack, that certain data has been accessed and copied from MTU systems in the course of the ransomware incident and made available on the dark web.

The dark web is a collection of websites that can only be accessed by a specific browser.

MTU said the Data Protection Commission has been informed of this development.

“Our forensic experts are continuing to investigate this incident and will review the nature of the data compromised.

“While it is not possible at this early stage to fully ascertain the exact nature of all data (including personal data) affected or the identity of all persons affected by this release, we have already commenced the process of notifying those potentially affected of this development,” the statement continued.

The university advised anyone who may potentially be affected by the incident to visit the National Cyber Security Centre’s website for security advice while the investigation into the incident continues and until MTU is in a position to provide a further specific update and guidance to affected individuals.

Last Friday MTU secured an interim injunction from the High Court in an effort to prevent the sale, publication, sharing, possession, or any other use of any data illegally obtained from MTU systems in the course of the ransomware incident.

The university said it will seek to enforce that injunction “as far as possible”.

“Our forensic advisers will continue to monitor the internet at this time for evidence that this illegally removed data is being shared or published and we will work with search engines and social media networks and any other relevant digital publisher to the extent necessary and so far as is possible to enforce the injunction and have data removed.

“All possible affected persons should be extra vigilant in respect of potential attacks by email or SMS or other unsolicited communications,” MTU said.

“We wish to reassure our students, staff and all other persons potentially affected by this update that we are deploying all available resources with the support of our external forensic advisers and the National Cyber Security Centre in the investigation and mitigation of this matter,” the statement continued.

The university’s Cork campuses which were closed last week following the cyber attack are to reopen tomorrow, with classes to operate in line with existing timetables.