The University of Hawaii has reached an agreement with those responsible for a ransomware attack on the Hawaii Community College network.
The attack was first reported June 13 and involved compromised data containing the personal information of roughly 28,000 individuals, including current and former faculty and students.
The University of Hawaii opted to negotiate with the hackers in order to protect the individuals whose sensitive information may have been compromised.
“A significant consideration in this decision-making process was that the criminal entity responsible for the attack has a documented history of publicly posting the stolen personal information of individuals when agreement with the impacted entity was not reached,” HCC stated today in an email. “Working with an external team of cybersecurity experts, UH reached an agreement with the threat actors to destroy all of the information it illegally obtained.”
The email from HCC did not disclose the terms of the agreement or how much the hackers were paid.
A source familiar with the agreement said it was in the low six-figure range, but declined to give the actual amount.
The source also said the funds were covered by the state’s insurance program.
Restoration of HCC’s information technology infrastructure currently is underway and is expected to be completed by the week of Aug. 14.
Notifications are being sent to the 28,000 individuals who may have been impacted, and will include an offer of credit monitoring and identity theft protection services through Experian.
UH also is recommending impacted individuals freeze their credit file, review account statements, set up multifactor authentication, and place either fraud alerts on their account or change their passwords and security verification questions and answers.
To prevent attacks in the future, UH Information Technology Services is increasing scanning and monitoring across the 10-campus system while deploying additional security technologies to protect campus servers and networks.
The HCC email added there were 190 known ransomware attacks against educational institutions from June 2022 and May 2023, and that many more went unreported and unrecorded.
See Thursday’s Tribune-Herald for more on this story.