Cyber Incident Victim: St. Francis Xavier University
Date: Nov 2018
Location: Canada
Summary
St. Francis Xavier University disabled its entire network after detecting a cryptojacking attack that hijacked computing systems to mine Bitcoin. The automated attack compromised multiple university systems, though investigations found no evidence of personal data theft at the time of initial reporting. IT Services, in consultation with security specialists, implemented a staggered restoration of network operations while enhancing security measures, including resetting all network passwords, to prevent future incidents. The institution continued monitoring for suspicious activity following the breach, which reflected a broader trend of increasing cryptojacking malware targeting organizational resources for illicit cryptocurrency mining.
Description
On or around November 1, 2018, St. Francis Xavier University in Canada experienced a cryptojacking attack that compromised an undisclosed number of its computing systems. The attackers deployed malicious software designed to hijack university resources for unauthorized cryptocurrency mining operations, specifically targeting Bitcoin. Cryptojacking attacks exploit vulnerable systems to covertly utilize computing power for mining activities without victim consent, a method that gained popularity among threat actors due to its relatively low effort requirements and potential for significant financial gain through large-scale operations. The university's IT Services team detected this automated attack and, in consultation with external security specialists, made the decision to completely disable the entire university network on November 1 as a containment measure. This network shutdown affected all servers and services, causing widespread operational disruption across campus systems.

The university issued a press release confirming the cryptojacking incident through its online newsroom, characterizing it as an "automated attack" involving cryptocoin mining. Investigators found no evidence that attackers accessed personal information of students or staff members during the breach. In response, IT Services implemented a staggered restoration approach to gradually bring systems back online while minimizing residual risks. As a preventive measure, the university reset all network passwords and deployed enhanced security protocols to fortify defenses against future attacks. The institution committed to ongoing monitoring and analysis for suspicious activity in subsequent weeks. This incident coincided with a broader industry trend documented by McAfee Global Threat Intelligence, which reported an 86% quarter-over-quarter increase in coin mining malware samples during Q2 2018, highlighting the growing prevalence of such attacks during this period.
