What happened in the University of Oklahoma cybersecurity incident?

The University of Oklahoma detected unusual activity on their IT network, leading to the isolation of certain systems. The Fog ransomware group claimed responsibility for the attack, stating they had stolen 91 GB of data including employee data, financial information, and additional unspecified data.

When did the attack occur?

The attack coincided with the university's first day of the spring semester, following a period when employees were working remotely due to campus closure from a snow storm.

Who is responsible for the attack?

The Fog ransomware group claimed responsibility for the attack. According to Arctic Wolf researchers, this group primarily targets U.S. educational institutions, with 80% of their victims being in the education sector.

How many people could be affected by this breach?

While the University of Oklahoma serves over 34,000 students, the exact number of individuals affected by the breach has not been disclosed. The stolen data allegedly includes employee data and financial information, with a total claimed volume of 91 GB.

Incident

University of Oklahoma reports cybersecurity incident

Q: What is the typical attack method used by the Fog ransomware group?

The group typically exploits compromised VPN credentials across two different VPN gateway vendors to gain unauthorized access to their targets' systems.

published: Jan. 15, 2025

Learn More

The University of Oklahoma (OU) is reporting a cybersecurity incident after detecting unusual activity on their IT network. The university, which serves over 34,000 students, has isolated certain systems as part of their incident response.

The incident was publicly exposed when the Fog ransomware group claimed responsibility on their leak site. The timing of the attack coincided with the university's first day of the spring semester, following a period where employees were working remotely due to campus closure from a snow storm. Exposed data allegedly includes:

Employee data
Financial information
Additional unspecified data
Total claimed data volume: 91 GB

The number of affected individuals is not disclosed.

The attack appears to be part of a larger campaign by the Fog ransomware group. According to Arctic Wolf researchers, the group has primarily targeted U.S. educational institutions, with 80% of their victims being in the education sector. Their typical attack vector involves exploiting compromised VPN credentials across two different VPN gateway vendors.

University of Oklahoma reports cybersecurity incident

Read More
Blacon High School near Chester forced to close …
Ransomware gang Dire Wolf claims breach of WineWorks …
Akira ransomware gang claims attack on TETRA Technologies
South African Weather Service hit by ransomware attack
ANU Enterprise reports ransomware attack