The data of students and staff was compromised in a June cyberattack, Mount Royal University officials said Tuesday.
MRU also said the crime was a ransomware attack. The perpetrators typically act as extortionists and are paid to allow the retrieval of infected data.
Two different targets were affected in the June 17 crime, with information in one of them known as the H drive being stolen, said MRU.
“We regret to inform our community that our investigation has now shown that data within certain folders on the University’s ‘H drive’ was accessed and taken by an unauthorized actor,” the university said in a statement.
“The actor then deleted our H drive data to impede our recovery.”
Data in the drive was used to support students’ academic and employees’ work, though “depending on what individuals chose to store in the folder it may contain personal information.”
Only some of the folders in the drive were accessed and MRU said they’ll be contacting the individuals impacted in the next week. Those affected are current and former students and staff, they said.
Also targeted was the university’s J drive containing departmental data, which was deleted by the culprit, but no data was accessed or copied from it, they said.
“We are still working to recover deleted J drive data, but a full recovery may not be possible,” said MRU.
Analysis of the fallout and the data’s recoverability could take weeks or months, they added.
In the meantime, MRU said as a precautionary measure, all current employees and individuals employed within the past five years will be provided with two years of credit monitoring and identity theft protection services, said MRU.
The Alberta Information and Privacy Commissioner’s office is aware of the cyberattack and police have been involved in the investigation, but there have been no arrests.
A week after the attack, one faculty member said the scheduling of courses, fall registration and the payroll system had been most affected, though he said he had been paid.
The instructor also said MRU-issued laptops were recalled to undergo servicing in response to the attack.
On Tuesday, the university said the summer semester is unfolding as scheduled and some deadlines for the fall semester have been adjusted.
The crime is among a series of ransomware attacks targeting institutions such as post-secondary schools.
In 2016, the University of Calgary paid $20,000 to culprits in a bid to restore vital research data.
BKaufmann@postmedia.com
X: @BillKaufmannjrn
Catch up with the day’s headlines, curated by our editors and delivered to your email inbox at lunchtime on every business day. Sign up now for the Calgary Herald Noon News Roundup.
