lockbit2 attacks Mercy Hurst University
Incident Date:
May 18, 2022
Overview
Title
lockbit2 attacks Mercy Hurst University
Victim
Mercy Hurst University
Attacker
Lockbit2
Location
First Reported
May 18, 2022
Mercyhurst University Suffers Ransomware Attack by Lockbit2
Mercyhurst University, a distinguished private Roman Catholic institution based in Erie, Pennsylvania, recently fell victim to a ransomware attack orchestrated by the notorious group Lockbit2. The university's president, Dr. Kathleen Getz, disclosed the incident in a communication dated May 18, 2022. The cybercriminal group announced their successful infiltration of the university's systems on May 17, 2022, and subsequently publicized the attack on their dark web leak site.
Established in 1926, Mercyhurst University has been committed to providing a comprehensive educational experience, offering a variety of academic programs including 4-year bachelor's, 2-year associate, and 1-year certificate programs. With an enrollment of approximately 2,800 students and a staff of over 668 employees, the university generates around $148 million in annual revenue. It boasts a diverse range of academic disciplines, with more than 100 majors and programs available to its student body.
The ransomware attack underscores the persistent vulnerabilities faced by educational institutions in the realm of cybersecurity. Despite concerted efforts to safeguard its data, Mercyhurst University experienced unauthorized access to its computer network, leading to the compromise of sensitive information pertaining to both students and faculty members. This incident highlights the potential financial and reputational repercussions that can ensue when institutions become targets of ransomware campaigns.
Lockbit2, the group behind this attack, is notorious for its aggressive approach, frequently targeting entities across various sectors, including education. Their modus operandi involves threatening to release stolen data unless a ransom is paid. This attack on Mercyhurst University serves as a stark reminder of the critical need for robust cybersecurity defenses and the importance of maintaining vigilance against such cyber threats.
Sources
- Mercyhurst University. (n.d.). Experience Life as a Laker.
- Console and Associates, P.C. (2022, November 23). Mercyhurst University Announces Data Breach.
- Erie News Now. (2022, May 18). Some Mercyhurst University Servers Hit by Ransomware.
- DataBreaches.net. (2022, May 17). PA: Ransomware group claims to have hit Mercyhurst University.
- SuspectFile. (2022, May 17). Erie, US-PA: Mercyhurst University ransomware attack.
- SuspectFile. (2022, May 22). LockBit cancels Mercyhurst University from its website: ransom paid?
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.