Cyberattack on University of Maribor disrupts faculty operations

The University of Maribor has been hit by a significant cyberattack, leading to substantial disruptions across its digital infrastructure. The incident, believed to be a ransomware attack, has been linked to the Russian-speaking hacker group known as Team Babuk.

The cyberattack was first detected on Wednesday night, October 23, 2024 prompting an incident management response action from the university’s IT department. By the following morning, it became evident that the attack had severely compromised the university’s digital services. Both students and staff are affected, with many core systems either partially or completely inaccessible, including:

• Internet Connectivity: Disrupted, affecting both students and staff.
• Student e-Services: Unavailable, hindering academic activities.
• Employee Services: Inaccessible, impacting administrative functions.
• Domain Registration: Issues with computer registrations in lecture rooms and labs.
• Digital Identity Services: Problems with authentication services.
• Email Services: Employee email accounts were compromised.

The number of affected individuals is not disclosed, but the university has about 13,000 students and about 1,800 staff. It's reasonable to assume most are impacted by this attack.

The university's administration immediately informed students and staff about the attack, advising them to take security measures, such as changing passwords used in other services. External services like Microsoft 365 remained operational until existing login sessions expired, but new logins were not possible.

The university is working to maintain normal class schedules.

Students and employees have been advised to cange passwords immediately if the same credentials are used for other accounts, be cautious of phishing attempts, and monitor email accounts and personal information for any suspicious activity.