AMSTERDAM (Reuters) - The University of Maastricht on Wednesday disclosed that it had paid hackers a ransom of 30 bitcoin — at the time worth 200,000 euros ($220,000) — to unblock its computer systems, including email and computers, after an attack that unfolded on Dec. 24.
Ransomware attacks have become commonplace, with insurers raising cyber security premiums by as much as 25% after hacker targets in 2019 included companies, hospitals and airports.
University Vice President Nick Bos said the university had decided to pay the ransom after considering the alternatives, which would have included rebuilding its entire IT network from scratch.
“The damage of that to the work of the students, scientists, staff, as well as the continuity of the institution, can scarcely be conceived,” he said.
Bos was speaking at a press conference to disclose what the university knew about the hack, including that the initial breach had resulted from an unidentified staff member clicking on a phishing e-mail a month earlier.
Cybersecurity firm Fox-IT, which helped the university recover and analyze what happened, identified the hackers as TA505, a Russian-speaking criminal group.
Reporting by Toby Sterling; Editing by Bernadette Baum