New Jersey City University hit by ransomware, extored for $700k
Learn More
New Jersey City University (NJCU) reports being hit by a ransomware cyberattack. NJCU is providing education for approximately 6,000 undergraduate and graduate students and employing several hundred faculty and staff,.
The university’s computer network was infiltrated by the Rhysida Ransomware Group, resulting in the theft of sensitive personal data. The hackers are demanding $700,000 in Bitcoin, threatening to release the stolen data if the ransom is not paid by August 3.
The cyberattack took place over a period from June 4 to June 10, 2024. However, the university did not inform staff and students about the breach until seven weeks later, on a Friday. School officials have not disclosed when they first learned of the breach.
NJCU has notified law enforcement authorities and took measures to secure their computer network.
The ransomware attack resulted in the theft of:
- Social Security numbers
- Driver’s license numbers
- Financial account numbers
- Credit card numbers
The number of individuals affected by the breach has not been specified. However, given NJCU's size, it potentially involves a substantial portion of the university community.
NJCU has pledged to provide complimentary identity monitoring services to those potentially affected by the breach. The university has promised to send notices and set up a dedicated assistance line for individuals to confirm if they were impacted, though the phone line service is not yet operational.
Update - as of 8th of August 2024, nearly all personal and financial data of thousands of students and staff impacted by the ransomware attack on New Jersey City University were released of on the dark web after the university refused to pay a $700,000 ransom in Bitcoin.
