quantum attacks Lewis & Clark College

Incident Date:

January 13, 2022

World map

Overview

Title

quantum attacks Lewis & Clark College

Victim

Lewis & Clark College

Attacker

Quantum

Location

Portland, USA

Oregon, USA

First Reported

January 13, 2022

Lewis & Clark College Suffers Ransomware Attack

Lewis & Clark College, a liberal arts institution in Portland, Oregon, has been targeted by the notorious ransomware group Vice Society. The attack was announced on March 31, 2023, and the group claimed to have leaked sensitive data onto the dark web, including passports, Social Security numbers, insurance files, W-9 forms, contracts, and more.

The college did not respond to requests for comment about whether a ransom was demanded or paid, but they did confirm that they had been hit with ransomware and were working with external information technology experts to conduct a detailed technical investigation. The outages lasted until March 7, and the school released a notice explaining that they were on track to completely eliminate greenhouse gas emissions from their portfolio by 2040.

Victim Profile

Lewis & Clark College is a top-ranked institution with a strong commitment to sustainability. Their Environmental Law program is among the nation's best, and they prioritize sustainability in all forms, including their campus, academic studies, and community initiatives. The college has a diverse student body, with students from various backgrounds and interests, including environmental studies and Earth system science.

Vulnerabilities

The attack on Lewis & Clark College highlights the vulnerabilities of educational institutions to ransomware attacks. Vice Society has been targeting grade schools, colleges, and universities, leaking sensitive data onto the dark web. The group's success in these attacks often stems from basic security shortcomings, such as unpatched programs and compromised websites.

Response

The college urged students not to respond to any attempts by the ransomware group to contact them and said there was no action for them to take at the time. They also advised students to be cautious of phishing emails and to back up their data regularly.

Previous Attacks

Vice Society has been responsible for a significant number of ransomware attacks against schools, with 49 publicly reported attacks in 2023, surpassing the number in 2022. The group accounted for nearly 20% of all attacks on educational institutions in 2023.

The ransomware attack on Lewis & Clark College underscores the importance of cybersecurity measures in educational institutions. Despite efforts to combat ransomware attacks, the number of incidents has remained consistent, highlighting the need for improved security measures and education on cyber threats.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.