lockbit2 attacks University of Detroit Mercy

Incident Date:

February 4, 2022

World map



lockbit2 attacks University of Detroit Mercy


University of Detroit Mercy




Detroit, USA

Michigan, USA

First Reported

February 4, 2022

University of Detroit Mercy Suffers Ransomware Attack by LockBit2

The University of Detroit Mercy, a Catholic university in the Jesuit and Mercy traditions, has been targeted by the ransomware group LockBit2. The attack was announced on the group's dark web leak site, and the victim's website is the University of Detroit Mercy. The university operates in the Education sector and has been ranked highly in various categories, including graduate programs and affordability.

The University of Detroit Mercy is a mid-sized institution, with a focus on providing affordable education and a diverse student body. The university has recently implemented a program offering free tuition to first-year students who meet certain eligibility requirements. Despite these efforts, the university has been targeted by LockBit2, highlighting the ongoing challenges faced by educational institutions in protecting their digital assets.

LockBit2 is known for its aggressive tactics, often targeting organizations in various sectors, including education. The group has been linked to several high-profile attacks, including one on the Savannah College of Art and Design (SCAD), which resulted in the leak of sensitive student data. The attack on the University of Detroit Mercy underscores the need for robust cybersecurity measures in the education sector, where sensitive information is regularly handled.

The LockBit2 ransomware group has claimed to have stolen a database of phone numbers, email addresses, and other sensitive information from the university. The group has given the university a two-week deadline to pay an undisclosed ransom. The attack has disrupted the university's operations, potentially affecting students and staff.

The education sector has been a significant target for ransomware attacks in recent years, with several U.S. colleges and universities falling victim to these types of attacks. The FBI has issued warnings for higher education institutions, emphasizing the need for increased cybersecurity measures.

The University of Detroit Mercy is not alone in facing these challenges. Other institutions, such as Savannah State University, Centralia College, Phillips Community College of the University of Arkansas, National University College, and North Carolina A&T University, have also been targeted by ransomware groups.

In conclusion, the University of Detroit Mercy's ransomware attack by LockBit2 highlights the ongoing threat faced by educational institutions in the digital age. Despite efforts to improve cybersecurity, these organizations remain vulnerable to targeted attacks. It is crucial for universities to invest in robust cybersecurity measures and to stay vigilant against emerging threats.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.