According to LockBit 3.0’s leak site, the group has allegedly exfiltrated 514 GB of sensitive data from the university’s systems. They have shared screenshots of the stolen data on their leak site and Telegram channel. The compromised data reportedly includes budgets from 2020 to 2024, project and tender financing documents from 2022 to 2026, and details about a €1.7 million budget allocation for construction works. Confidential information such as non-disclosure agreements for the upcoming WineCraft 2024 event, 2023 tender design contracts, and a contractor’s investment plan for 2022 are also said to be among the stolen data. With a ransom deadline set for May 28, the university is urgently working to mitigate the attack’s impact with support from the Italian National Cybersecurity Agency (Agenzia per la Cybersicurezza Nazionale). However, the involvement of LockBit has not yet been officially confirmed.
The University of Siena acknowledged the cyber attack on May 10 through its website, informing the public about the suspension of several services, including the international admissions website, ticketing services, and payment management platforms. The notice assured users that payments made before the attack were registered, despite temporary disruptions between payment confirmations and application processing. Due to the overwhelming volume of assistance requests from international candidates, the university advised students to avoid sending multiple inquiries, promising to respond as soon as possible. Specific instructions were provided for students who had already paid fees but not submitted applications and those who submitted applications but had not paid fees.
This incident is one of the largest attacks claimed by LockBit following recent law enforcement disruptions to their activities. It underscores the persistent threat posed by ransomware groups and their capacity to cause significant disruption even amid operational challenges.
Source: The Cyber Express
To mitigate potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA www.infrascan.net, or you can try yourself using check.website.