According to the AD, which published the news on Saturday, the hackers that gained access to the server were probably Russian. It is likely that they “passed on or sold information to the Iranian Arvin Club”, which has already published some of the addresses and data. If the university is not prepared to pay 16 bitcoins (more than 450,000 euros), more information will be published online.

Leiden tells the AD that it is not bowing to the demands. The risk of identity fraud is supposedly slight and the stolen research data is anyway not secret.

Not ransomware

The university tells the AD that the server was already hacked six months ago and was still insufficiently secure. However, the server was independent of the university’s ICT environment.

This was not a ransomware attack such as that at Maastricht University in December 2019. In that incident, computer systems were encrypted by criminals and the owners could access them again only after paying a ransom. That is apparently not the case in Leiden and the systems are still working properly.

Minister Ingrid van Engelshoven recently expressed satisfaction with the steps being taken jointly by universities and universities of applied sciences to improve their digital security.