The Vice Society ransomware gang has claimed responsibility for last week’s cyberattack against the Medical University of Innsbruck, which caused severe IT service disruption and the alleged theft of data.
The research university has 3,400 students and 2,200 employees and offers extensive medical care services, including surgeries.
The Austrian university disclosed an IT outage on June 20, 2022, restricting access to online servers and computer systems.
On June 21, 2022, the university’s IT team proceeded to reset all 3,400 students’ and 2,200 employees’ account passwords and called everyone to go through a manual process of personally collecting their new credentials.
In the days that followed, the university gradually restored its online services and returned operations to its main site, which had previously been initially taken offline.
However, the university has only mentioned that they were attacked but did not provide any further details in their published statements and status updates.
Vice Society claims responsibility for attack
Yesterday, Vice Society added the Medical University of Innsbruck to its data leak site, leaking an extensive list of documents allegedly stolen during last week’s cyberattack.
A limited review of the leaked data confirms that they appear genuine and have the university’s letterhead, lecturer signatures, and other authenticity elements.
Bleeping Computer has contacted the Medical University of Innsbruck to validate if the IT disruption is linked to the alleged ransomware attack, and we will update this post as soon as we receive a response.
If a ransomware attack is indeed the reason behind last week’s disruption, the fact that the hackers posted all data and not just a sample, a full week after the attack occurred, could mean that the negotiations for a ransom payment have reached a dead end, or never took place.
Typically, Vice Society uses a countdown timer to extort a newly announced victim before publishing files, so there’s no extortion taking place now.
Vice against Europe
Vice Society has been targeting European organizations lately, focusing specifically on state/public entities and educational institutes.
At the start of the month, we reported that the particular ransomware group wreaked havoc in the Italian city of Palermo, depriving 1.3 million people of enjoying a broad spectrum of the municipality’s services.
Other victims listed recently on the Vice Society onion site include a college in the UK, a hospital in Italy, and two universities in the UK. This makes the Medical University of Innsbruck the fifth disclosed European victim of Vice in the past month.
Update June 28, 2022: A spokesperson of the Medical University of Innsbruck has reached out to Bleeping Computer to confirm that last week’s IT disruption was indeed caused by the Vice Society attack. In terms of the leaked data, the spokesperson provided the following comment:
Data from servers of the Medical University of Innsbruck have been published on the dark web. Analysis and investigations into the extent and nature of the data are currently underway.
We ask for your understanding that we are currently unable to provide any further information on this. We fully support the authorities in their investigations.
Source: www.bleepingcomputer.com