Unknown attacks University of Waterloo
Incident Date:
May 30, 2023
Overview
Title
Unknown attacks University of Waterloo
Victim
University of Waterloo
Attacker
Unknown
Location
First Reported
May 30, 2023
University of Waterloo Hit by Ransomware Attack
Canada’s University of Waterloo has been hit with a ransomware attack. The attack, launched by an unknown cybercriminal group, targeted the university’s email systems. According to Jacinda Reitsma, the school’s Vice President, the university stopped an attempted ransomware attack on May 30th and is working to limit the impact of the initial breach that preceded the cyberattack. Waterloo University is in Ontario, Canada and boasts more than 40,000 students.
Email Service Breach
“We are aware of a breach involving our on-campus email service (Microsoft Exchange). This service has now been isolated. Most Microsoft Exchange accounts are currently housed in the cloud and are not affected,” Reitsma said. “This means that for most people on campus, your email access is unaffected. As we continue to investigate the impact of this breach, we may need to isolate more services which means you may not be able to access some systems throughout the day today.”
System Shutdown and Reset
In an update on June 1st, the school revealed it was initiating a complete system shutdown and reset. Online resource access was impacted by the outages. On June 2nd, Reitsma said the shutdown was a success but recommended that staff and students change their passwords by June 8th. Those who fail to update their details by then will be locked out of their accounts.
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.