LockBit gang claims attack and data theft from University of Siena

The University of Siena, a prestigious Italian institution founded in 1240, is dealing with a major cybersecurity incident that has severely disrupted multiple university services and temporary shut down of its systems.

The university announced on May 10th that it was experiencing a 'massive cyber attack by an international group of hackers,' leading to the suspension of various services, including:

• International admissions website
• Ticketing services
• Payment management platforms

The university has initiated recovery operations with the support of the Italian National Cybersecurity Agency (Agenzia per la Cybersicurezza Nazionale). While LockBit's involvement has not been officially confirmed, the university has taken significant steps to manage the crisis.

LockBit 3.0 gang claims to have exfiltrated 514 GB of sensitive data from the University of Siena's systems. Screenshots of the stolen data have been shared on the LockBit 3.0 leak site and the group's Telegram channel. The compromised data includes:

• Budgets detailing monthly expenses from 2020 to 2024.
• Board-approved documents on project and tender financing from 2022 to 2026, including funding amounts.
• Documents related to extraordinary construction works, contractor appointments, and a €1.7 million budget allocation.
• Non-disclosure agreements for the upcoming WineCraft 2024 event.
• Tender design contracts for 2023, including contract budgets.
• Contractor’s investment plan for 2022, detailing expenses, rents, and the overall financial plan.

It's unclear whether any PII and individuals data are compromised.

The university has advised students to refrain from repeated inquiries, apologized for the inconvenience and promised to respond to assistance requests as soon as possible.