Cyber Incident Victim: Augustana University
Date:
May 2019
Location:
United States of America
Summary
Augustana College experienced a ransomware attack potentially compromising data on an affected server, though the specific type of data (student, employee, or both) and scope of individuals impacted were not disclosed. The institution responded by offering two years of complimentary credit monitoring to those affected and initiated security enhancements, including reviews of existing protocols and employee training to improve recognition of malicious links. While the attackās exact vector was unclear, phishing was suggested as a possible cause.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
Augustana College experienced a ransomware attack discovered on or around May 1, 2019, disrupting operations and compromising data stored on an affected server. The institution issued a public notification acknowledging the incident but did not disclose whether the encrypted data pertained to students, employees, or both populations. No specific details were provided regarding the number of individuals impacted or the exact nature of files compromised on the targeted server. The college confirmed the attackers deployed ransomware, a type of malware that restricts access to systems or data until a ransom is paid, though the notification omitted whether any payment was made or demanded. While the initial attack vector remained unconfirmed, the college referenced enhancing employee training to recognize malicious links, suggesting phishing may have been a suspected entry point.
In response, Augustana College implemented credit monitoring services for two years at no cost to affected individuals as a protective measure against potential identity theft or fraud stemming from the breach. The institution initiated a review of its existing security protocols and committed to strengthening technical safeguards to prevent similar incidents. Security awareness training for employees was prioritized to improve threat recognition capabilities, particularly regarding suspicious emails or links that could deliver malware. The college did not disclose whether law enforcement agencies were involved in investigating the attack or whether data restoration efforts relied on backups versus other recovery methods. No additional technical specifics about containment timelines, forensic findings, or financial impacts were included in the publicly available notification.