The University of Hawai’i Community College network confirmed that it decided to pay off cyber criminals following a successful ransomware attack on its network.
The ransomware attack, first reported on June 13, compromised personal information of approximately 28,000 individuals. University of Hawai’i said it “made the difficult decision to negotiate with the threat actors in order to protect the individuals whose sensitive information might have been compromised.”
The school specifically noted that a “significant consideration in this decision-making process was that the criminal entity responsible for the attack has a documented history of publicly posting the stolen personal information of individuals when agreement with the impacted entity was not reached.”
University of Hawai’i said it resolved the attack by working with an external team of cybersecurity experts. The outside experts helped the school reach an agreement with the threat actors to destroy all of the information the threat actors illegally obtained.
The school also noted that restoration of Hawaiʻi Community College’s IT infrastructure is in progress. The wireless network at all locations has been restored, while the restoration of the wired network is expected to be completed by the week of August 14.
Despite being promised that all compromised information was deleted, the school is sending notification letters to approximately 28,000 individuals, which will include an offer of credit monitoring and identity theft protection services.