SAN FRANCISCO—On Friday, June 26, the University of California San Francisco (UCSF) announced that they decided to pay an approximately $1.14 million ransom to the hackers behind the attack on the School of Medicine’s systems, which happened on June 1, to unlock the encrypted data and return the data they took.
According to a statement on the UCSF website, the Information Technology (IT) staff at UCSF discovered a security breach that happened in a certain area of the School of Medicine’s IT environment on June 1. The attack made the servers inaccessible and encrypted data. The school decided to quarantine the IT systems immediately.
“We quarantined several IT systems within the School of Medicine as a safety measure, and we successfully isolated the incident from the core UCSF network. Importantly, this incident did not affect our patient care delivery operations, overall campus network, or COVID-19 work,” read the statement.
UCSF indicated that they had already stopped the attack while the intrusion was occurring. Since then, the IT staff has been working with a “leading cyber-security consultant” to strengthen the defenses of their IT systems.
The statement notes that the investigation of the attack is still ongoing. Meanwhile, USCF indicated that they do not think the attackers have exposed any patient medical records.
“Our investigation is ongoing but, at this time, we believe that the malware encrypted our servers opportunistically, with no particular area being targeted. The attackers obtained some data as proof of their action, to use in their demand for a ransom payment. We are continuing our investigation, but we do not currently believe patient medical records were exposed. As additional facts become known, we will provide further updates,” read the statement on the UCSF website.