Cyber criminals have obtained data from people who have graduated from Delft University of Technology (TU) and Utrecht University (UU), the universities write on their website on Tuesday. This includes personal information, contact details and career data.
The universities had a backup on the servers of software company Blackbaud, which was hit by ransomware between February 7 and May 20. Both universities had an old backup from 2017 at Blackbaud.
This back-up contained the personal data, contact details and education and career data of alumni. At Utrecht University, data from donors and relations has also ended up in the hands of the hackers. Both universities emphasize that the criminals did not have access to bank details and passwords that were on the backup, because they were encrypted.
According to the universities, the chance that they were the target of the cyber attack is small, because it affected a large number of universities worldwide. "Given the large number of educational institutions and foundations worldwide that has been affected by this incident, we have no reason to believe that the cyber attack was specifically aimed at TU Delft or its alumni," said TU Delft.
It would also be unlikely that the data was misused. "Blackbaud informs us that the company has received confirmation that the hackers have now destroyed the data in question and reports that there is no reason to believe that they have distributed the data", UU writes.