Cyber Incident Victim: Universidad De La Salle

On or around January 6, 2023, the CL0P ransomware group publicly claimed responsibility for a cyberattack targeting Universidad De La Salle by adding the institution to its data leak site. As evidence supporting their claim, CL0P published images of passports and a copy of an international agreement allegedly exfiltrated during the breach. This action indicated unauthorized access to sensitive personal identification documents and institutional records. The group did not disclose additional specifics regarding the attack methodology, scope of compromised systems, or demands made to the university. No further technical details about intrusion vectors, malware variants, or data encryption were provided in CL0P’s initial disclosure.

Universidad De La Salle did not issue any public statements acknowledging the incident through its official website or social media channels as of the reporting date. Attempts to solicit confirmation via a Facebook message directed to the university received no response. The absence of an official acknowledgment left the full extent of operational disruption, data exposure, and remediation efforts unverified. The leaked passport images suggested potential risks of identity theft or fraud for affected individuals, while the international agreement’s exposure raised concerns about institutional confidentiality. No information was available regarding the university’s internal detection mechanisms, incident response actions, or coordination with law enforcement. The lack of observable containment measures or communication underscored uncertainties regarding the attack’s resolution and long-term consequences for data subjects and institutional operations.