Cyber Incident Victim: University of Massachusetts Lowell

On June 15, 2021, the University of Massachusetts Lowell (UMass Lowell) announced a closure of all campuses due to an unresolved IT outage, canceling in-person and remote classes along with business operations. The university’s primary website became inaccessible, prompting the use of a temporary site for communications. Initial updates characterized the disruption cautiously, stating network communications were suspended to assess the incident’s scope. Information technology staff deployed Red Cloak threat detection software across university devices to identify and evaluate potential security compromises, indicating a proactive diagnostic phase. Restoration efforts prioritized academic infrastructure, including platforms like Blackboard and Zoom, though no timeline was provided. The closure extended through June 16, with no restoration of services achieved during this period.

The incident necessitated a second consecutive day of canceled operations on June 16, followed by a June 17 announcement that business functions would resume while classes remained canceled to accommodate revised summer session timelines. The university acknowledged plans for extended assignment deadlines and makeup dates to mitigate academic disruptions. A pre-scheduled closure for Juneteenth on June 18 remained unaffected. Throughout updates, UMass Lowell emphasized retaining control of its IT infrastructure but disclosed no specifics regarding the incident’s nature, root cause, or whether ransomware or extortion demands were involved. The multi-day suspension of network services and reliance on contingency communications underscored the operational severity, though no data compromise or unauthorized access details were confirmed publicly.