LockBit Claims 514 GB Of Data From University Of Siena

Ransomware group claims 514 GB of data including financial and confidential documents from attack

by Alan J May 20, 2024 in Cybersecurity News Reading Time: 3 mins read 0

591 SHARES 3.3k VIEWS Share on LinkedInShare on Twitter

The of Siena, a distinguished Italian academic institution established in 1240, is currently grappling with a significant cybersecurity incident. The ransomware group has claimed responsibility for the attack that has disrupted multiple university services, leading to the temporary suspension of its systems.

As one of Europe's oldest universities, Siena offers extensive programs in sciences, medicine, engineering, economics, and social sciences.

In response to the crisis, the university has initiated recovery operations with the support of the Italian (Agenzia per la Cybersicurezza Nazionale), although the involvement of has not yet been officially confirmed.

University of Siena Data Breach and Ransom Demand

According to the new LockBit 3.0 leak site, the group has allegedly exfiltrated 514 GB of from the university's systems. Screenshots of the stolen data were shared on both the leak site as well as the group's Telegram channel. The stolen data reportedly includes:

Financial Documents including :

  • Budgets detailing expenses by month from 2020 to 2024.
  • Board-approved documents regarding project and tender financing from 2022 to 2026, including funding amounts.
  • Documents related to extraordinary construction works, contractor appointments, and a €1.7 million budget allocation.

Confidential Information including:

  • Non-disclosure agreements for the upcoming WineCraft 2024 event.
  • Tender design contracts for 2023, including contract budgets.
  •  Contractor's investment plan for 2022, encompassing expenses, rents, and the overall financial plan.

Source: LockBit leak site

Source: LockBit Telegram

With a looming ransom deadline set for May 28, the university is racing against limited time to deal with the consequences of the digital assault.

Earlier on May 10th, the acknowledged the cyber attack on its website, informing the public about the suspension of various of its services due to a ‘massive cyber attack by an international group of hackers.'

University's Response and Restoration Efforts

The website acknowledged that several of its services including its website for international admissions, ticketing services, and payment management platforms had been affected and were taken down as a preventative measure.

The notice assured users that payments made prior to the attack had been registered despite a temporary disconnect between the website's payment confirmation and application processing.

Source: http://www.apply.unisi.it

However, the notice also stated that the volume of assistance requests being received from international candidates following the incident was found to be overwhelming to its staff. The notice advised students to refrain from sending multiple inquiries, promising to respond as soon as possible.

The notice provided separate advice to both candidates who had already paid university fees but did not submit applications and candidates who submitted admission applications but had not yet paid their application fees.

The site stated in bold that students who fall in the above mentioned categories should avoid unnecessary contact with staff, while apologizing for the inconvenience caused by the issue.

The attack on the University of Siena is one of the largest attacks claimed by the LockBit group following the recent disruption to its activities after its coordinated takedown by law enforcement groups. The incident underscores the group's persistent efforts to remain active in their efforts despite these operational challenges, while emphasizing their ability to still cause massive disruption to victims.


Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button