Cyber Incident Victim: Universidad Nacional De Educacion de Peru
Date: Oct 2022
Location: Peru
Summary
The Universidad Nacional De Educacion de Peru suffered a ransomware attack by the BlackByte group, which exfiltrated institutional data before encrypting systems. The attackers confirmed the compromise during communications, stating they downloaded information prior to deploying encryption. No specific details regarding the scope of exfiltrated data or the university’s official response were disclosed in available sources. The incident reflects broader regional targeting of educational and governmental entities by ransomware operators during this period.
Description
On or around October 21, 2022, the Universidad Nacional De Educacion de Peru experienced a cybersecurity incident involving the BlackByte ransomware group. BlackByte representatives confirmed the attack during a ToxChat conversation with DataBreaches.net, stating they had exfiltrated data prior to encrypting the university's systems. The group indicated the institution was aware of the breach at the time of communication, though no specific timeline for initial intrusion or encryption was disclosed. Attack methodology followed a double-extortion pattern characteristic of BlackByte operations, involving data theft followed by system-wide encryption to pressure victims into paying ransom demands. No sample data or specific claims about data volume were publicly released for this victim, unlike parallel attacks on Universidad Piloto de Colombia where ALPHV/BlackCat leaked 300GB of student and administrative data.

The incident occurred amid a surge in ransomware attacks targeting Latin American educational and governmental entities during October 2022. While the university did not issue public statements regarding the breach's operational impacts or data compromise scope, BlackByte's confirmation of data exfiltration created potential risks of sensitive information exposure. Concurrent attacks affected Ecuador's joint armed forces command (personal data of military personnel leaked by ALPHV) and Guatemala's Ministry of Foreign Affairs (targeted by VSOP group), demonstrating regional targeting patterns. No containment measures, forensic findings, or recovery timelines were disclosed by Universidad Nacional De Educacion de Peru, contrasting with Universidad Piloto de Colombia's Facebook acknowledgment of an incident occurring the same week. The lack of transparency mirrored responses from Costa Rica's Municipality of Belen, which remained silent following its Karakurt ransomware attack earlier that month.
