alphv attacks North Carolina

Incident Date:

April 12, 2022

World map



alphv attacks North Carolina


North Carolina




Greensboro, USA

North Carolina, USA

First Reported

April 12, 2022

North Carolina A&T University Suffers Ransomware Attack

Victim Profile

North Carolina Agricultural and Technical State University (N.C. A&T) has been targeted by the ransomware group Alphv, with the attack confirmed on their dark web leak site. The university operates in the Education sector and has a website at

N.C. A&T is a land grant, doctoral research university with a national reputation in STEM education. It has a student body of 13,530, with 70,000-plus alumni across America. The university is known for its high-achieving students, who excel in various academic competitions and have made significant contributions in various fields, from Silicon Valley to the halls of Congress.


The specific vulnerabilities that led to the ransomware attack on N.C. A&T are not detailed in the search results. However, it is mentioned that the attackers were able to access county data, suggesting a potential weakness in the university's data security measures.


The attack on N.C. A&T is significant due to the university's reputation and the potential impact on its operations. The university has not responded to requests for confirmation on whether it is a ransomware attack, but the Alphv group has claimed responsibility.


The university has not provided details on its response to the attack, but it is mentioned that the county's IT staff discovered "irregularities" in their system and called in a team of outside experts to launch a forensic investigation and help secure their servers.

Previous Attacks

North Carolina has been a target for ransomware attacks, with Bladen County experiencing an attack that forced officials to call in the state's national guard for assistance. Other local governments and counties across the U.S. have also been affected by ransomware attacks on a weekly basis.

The ransomware attack on N.C. A&T highlights the ongoing threat of cyberattacks on educational institutions. While the specific vulnerabilities leading to the attack are not detailed, it underscores the importance of robust cybersecurity measures to protect sensitive data and maintain operational continuity.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.