The Medical University of Innsbruck was the target of a cyberattack last week that resulted in a significant interruption to IT services and the suspected loss of data. The ransomware group Vice Society has taken credit for the attack. The research institution has 2,200 staff and 3,400 students. It provides a wide range of medical services, including surgeries.
On June 20, 2022, the Austrian university announced an IT outage that limited access to web servers and computer systems. The university’s IT department reset the passwords for all 3,400 students’ and 2,200 workers’ accounts on June 21, 2022. They then contacted everyone to go through a tedious procedure of picking up their new credentials in person.
The institution eventually restarted its online services in the days that followed, as well as its main website, which had been first taken offline. In contrast, the university’s comments and status updates have just said they were attacked without going into greater detail.
The Medical University of Innsbruck was added to Vice Society’s data leak site yesterday, which also released a lengthy list of papers purportedly taken in last week’s cyberattack. According to a limited analysis of the data, the stolen data seem real, including the university’s letterhead, instructor signatures, and other indicators of validity. The University has been approached for confirmation to determine if the IT disruption is connected to the purported ransomware attack. However, a response is yet to be received.
If a ransomware strike caused the inconvenience last week, the fact that the hackers released all of the material, not just a sample, one full week after the attack might indicate that the talks for a ransom payment have failed or never happened. There isn’t any extortion going on right now because Vice Society often starts a countdown timer to extort a freshly declared victim before releasing files.
Recently, Vice Society has targeted organizations in Europe, concentrating on state/public organizations and educational institutions. At the beginning of the month, the specific ransomware gang had caused chaos in the Italian city of Palermo, depriving 1.3 million people of access to various municipal services.
A hospital in Italy, two universities in the UK, and a college in the UK are among the most recent victims named on the Vice Society onion website. The Medical University of Innsbruck is now the seventh publicly acknowledged victim of Vice in Europe over the past month.
