The Memorial University of Newfoundland (MUN) continues to deal with the effects of a cyberattack that occurred in late December and postponed the start of classes in one campus.
MUN is the largest public university in Atlantic Canada, with an academic and administrative staff of 3,800, and over 19,000 students from 100 countries.
On December 29, the university detected a cyberattack and activated security protocols that included isolating impacted systems and launching an investigation.
Systems at Grenfell campus were impacted and the organization decided to shut down IT serices at the Marine Institute as well, as a precaution.
The university announced on January 2nd that the services at the Marine Institute campus have been restored.
As the 2024 winter semester approaches, the university’s staff is working against the clock to ensure all systems are fully restored and operational in time.
For the Grenfell campus specifically, the start of classes, in person and remote, was postponed from January 4 to January 8.
Additional specialists from other campuses are supporting Grenfell’s IT team to expedite the system restoration process.
In an update yesterday, the university announced that internet and WiFi for resident students are still not operational. The payment terminals for credit and debit card transactions are also not working.
“Safely returning IT services will take time, and the university recognizes the challenges created for all members of the Grenfell Campus community,” MUN says in the latest update.
To prevent unauthorized access to their accounts, MUN staff and students are required to reset their MUN login passwords after January 1.
Accoriding to the university, there is no indication that the cyberattack has impacted systems or data on other campuses.
MUN says it has informed law enforcement authorities in Canada about the incident but has not been able to determine yet if student data on Grenfell has been compromised.
“As our investigation progresses, we will be undergoing a thorough review and validation process to identify what, if any, data has been impacted or shared,” reads the relevant FAQ entry.
“If our investigation determines that any personal information was impacted, we will notify those individuals directly.”
By the time of writing this, none of the major ransomware groups has taken responsibility for the cyberattack on MUN.
Source: www.bleepingcomputer.com