The university told AD that the server had previously been hacked six months earlier and its security was still not quite up to par. However, the server was said not to be linked to the university’s IT environment.
On Monday morning, all EUR employees received an e-mail urgently requesting all employees who administer web servers of their own to report these servers to the IT service desk. “Web servers are often the target of hackers and if they are not properly secured, they pose a significant risk to EUR’s computer environment. In addition, external web servers of EUR researchers and collaborating organizations are often managed by people who have little experience with web server management,” the e-mail stated.
Hackers demand 16 bitcoins
By now the Iranian club has published some of the addresses and data stolen from the Leiden-based server. If the university is unwilling to pay 16 bitcoins (more than €450,000), more information will be posted online. Leiden University told AD that it would not accede to the hackers’ demand, saying that the risk of identity fraud is limited and that the stolen research data are not confidential.
The data theft did not constitute a ransomware attack, such as the one with which Maastricht University was hit in December 2019. Ransomware attacks involve the encryption of computer systems by criminals and system owners not being granted access to their own networks until they have paid a ransom. Apparently, this is not what happened in Leiden, where the systems are functioning properly.
A little while ago, Minister for Education Ingrid van Engelshoven said she was happy with the joint steps taken by Dutch tertiary education institutions to improve their Internet security.