Staff and students of Munster Technological University (MTU) are being urged to be vigilant after data was “accessed and copied” from its computer systems in a cyberattack and shared on the dark web.
The warning comes as the university prepares to re-open today and resume lectures following a temporary shutdown of its Cork campuses.
MTU is working with the National Cyber Security Centre to investigate the attack, believed to have been carried out by a Russia-based hacking collective known as Blackcat or APLHV.
The director of the National Cyber Security Centre, Richard Browne, said that efforts will be made in the next few days to establish what information was released.
He explained: “Unfortunately, it’s a consequence of what happens in these cases.”
Very often when this material is released, very little happens with us depending on what it is. And of course we don’t know exactly what it is yet.
“Every now and then people’s personal information is used for fraud, it’s used for financial crime, it’s used for whatever it might be. So the obvious things apply.”
People have been urged to keep an eye on their financial details, particularly with an increase in scams in recent months.
Mr Browne continued: “The attackers have done what they’re going to do. This is an extremely prolific group and their leak site has over 250 victims.
They have spent their money and have got nothing back from it. They’re done. And the question for us now is how do we limit the damage of that data being out there in the world?
On Sunday, MTU said in a statement: “(we) have received confirmation from our technical advisors and members of the National Cyber Security Centre who have been assisting us in relation to this incident that certain data has been accessed and copied from MTU systems in the course of the ransomware incident and made available on the ‘dark web’.”
The Data Protection Commission has been informed of the breach.
Students and staff have been warned to look out for potential attacks by email or SMS.
The student union has also shared information on how to recognise a “phishing email” which is where an email contains malicious links.
On Friday, MTU secured an interim High Court injunction to help prevent the use of any data that may have been illegally taken from its systems.
However, a Cork solicitor, who is taking a case on behalf of a cancer patient affected by the HSE cyberattack, queried the effectiveness of the injunction, following a similar move by the HSE in 2021.
“Injunctions are great but where someone chooses not to obey, it is very hard to do much about it,” Michael O’Dowd said.
It seems that this case is linked to Russian hackers, they are not terribly beholden to Irish law and could ignore it.
“I think the reason it is being done, as it is likely that litigation may well come from these, it is something that would ultimately lead MTU, in this case, to say they have taken every step they could, including getting an injunction.”
Mr O’ Dowd, based in Glanmire, is representing two patients who were affected by the hack on the Mercy University Hospital.
He said it has proved to be challenging to find out what is happening.
“People still don’t really know anymore than they knew two years ago, nothing new,” he said, referring also to patients whose data was confirmed as shared online by the HSE at the time.
“Nothing new, and trying to find it out even though the court system has been met with resistance.”
The HSE is now writing to about 100,000 people whose data was affected in the attack.
He has warned that those affected in MTU could face years of uncertainty about how their data was used.
Justice and Higher Education Minister Simon Harris said he welcomed the involvement of the Gardai and the National Cyber Security Centre in combating the MTU cyb
